hello, Nils Rennebarth wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > > On Thu, 3 Jul 1997, Pavel Galynin wrote: > >> attempts to telnet from the one source, but as we've disabled shell > >> access for dial-in clients it'll just give them motd if they do get in > >> that way! > > > >i'm not at all knowledgeable in linux, but chsh changes a default shell > >of the user in /etc/passwd. (at least on sunOS) > Yes, but how do you run it without getting a shell login in the first > place?
some admins suid cgi scripts, like phf, php, jj and glimpse (the latest victim). all those buffer overflows in suid shell scripts, uid:0 daemons, etc. enough? ;)) paul -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .