--
. . _ __ __ __ _ . .
Foldi Tamas - We Are The Hashmark In The Rootshell - Security Consultant
[EMAIL PROTECTED] - PGP: finger:[EMAIL PROTECTED] - (+3630) 221-7477
--
. . _ __ __ __ _ . .
Foldi Tamas - We Are The Hashmark In The Rootshell - Security Consultant
[EMAIL PROTECTED] - PGP: finger:[EMAIL PROTECTED] - (+3630) 221-7477
.
--
. . _ __ __ __ _ . .
Foldi Tamas - We Are The Hashmark In The Rootshell - Security Consultant
[EMAIL PROTECTED] - PGP: finger:[EMAIL PROTECTED] - (+3630) 221-7477
user launches man, our code will be run instead of
the original /usr/lib/man-db/man binary. This is the real security
problem.
Do "chattr +i /usr/lib/man-db/man*" to prevent this style attacks.
Cheers,
Foldi Ur ;)
. . _ __ __ __ _