You'd have to be a fool to export /usr writable...but
often times I see filesystems mounted without "nosuid"
so creating and subsequently executing a setuid-bin shell
gives you the same result with no more effort.
I wonder if my outlook is mis-interpreting something; I meant to
only respond to Mr. Forsman.
Andrew
> -----Original Message-----
> From: Robert Forsman [SMTP:[EMAIL PROTECTED]]
> Sent: Thursday, August 05, 1999 9:40 AM
> To: [EMAIL PROTECTED]
> Subject: Re: install as root.root doesn't work on BSD systems
>
> Phil Nelson <[EMAIL PROTECTED]> ,in message
> <[EMAIL PROTECTED]
> u>, wrote:
>
> >
> > Hi,
> >
> > The recent change to install as root.root doesn't work on BSD
> > systems. It should bin.bin on unpriviledged binaries.
>
> I remember somebody complaining about how NFS doesn't have
> bin-squashing, so
> if anyone were able to compromise a machine and get write access to
> remote:/usr, then you'd be pretty fucked. Of course, why would you
> write-export /usr?
>
> --
> Bob Forsman [EMAIL PROTECTED]
> http://www.gainesville.fl.us/~thoth/
