Path: utzoo!utgpu!watmath!clyde!att!ucbvax!bloom-beacon!mcgill-vision!mouse
From: mouse@mcgill-vision.UUCP (der Mouse)
Newsgroups: comp.unix.wizards
Subject: Re: Crackers and Worms
Message-ID: <1370@mcgill-vision.UUCP>
Date: 1 Dec 88 23:20:39 GMT
References: <1308@zippy.eecs.umich.edu>
Organization: McGill University, Montreal
Lines: 18

In article <1308@zippy.eecs.umich.edu>, cja@entebbe.eecs.umich.edu (Charles J. Antonelli) writes:
> In article  Rahul Dhesi (dhesi@bsu-cs.uucp) writes:
(Is that really the Message-ID of Rahul's article?  I hope not!)
>> But at's jobs to be executed are owned by daemon, so isn't being
>> daemon just a trivial step away from being root?  Somebody mentioned
>> this earlier and nobody contradicted him.
> Consider the statement contradicted.  daemon is just another non-root
> uid.

Not "just" that.  On our 4.3, at least, the at queue *is* owned by
daemon.  Therefore, if I can break in with uid daemon, I can queue an
arbitrary at job to be run by an arbitrary user, such as root.  Now
what was that again about how daemon was just another non-root uid?

					der Mouse

			old: mcgill-vision!mouse
			new: mouse@larry.mcrcim.mcgill.edu
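
The ownership argument in the post above can be checked mechanically. This is an added example, not part of the original post: it lists the non-root principals able to place entries in a queue directory. The function names, the sample uids and gids (uid 1 standing in for daemon) and the scratch directory are assumptions made for illustration.

```python
import os
import stat
import tempfile


def queue_writers(uid, gid, mode):
    """List the non-root principals able to create entries in a directory
    with this owner uid, group gid and permission mode."""
    writers = []
    # A non-root owner always counts: even with the write bit cleared,
    # the owner can chmod the directory and grant itself write access.
    if uid != 0:
        writers.append(f"uid {uid} (owner)")
    # Creating an entry needs both write and search (execute) permission.
    # Group members are not necessarily uid 0, even when the gid is 0.
    if mode & stat.S_IWGRP and mode & stat.S_IXGRP:
        writers.append(f"gid {gid} (group)")
    if mode & stat.S_IWOTH and mode & stat.S_IXOTH:
        writers.append("everyone (world-writable)")
    return writers


def audit_spool(path):
    """Stat a queue directory and report who besides root can fill it."""
    st = os.stat(path)
    if not stat.S_ISDIR(st.st_mode):
        raise NotADirectoryError(path)
    return {
        "path": path,
        "owner_uid": st.st_uid,
        "writers": queue_writers(st.st_uid, st.st_gid, st.st_mode),
    }


if __name__ == "__main__":
    # Constructed cases: (owner uid, group gid, mode). uid 1 stands in for daemon.
    for case in [(1, 1, 0o755), (0, 0, 0o755), (0, 1, 0o775)]:
        print(case, "->", queue_writers(*case) or "root only")
    # Live check against a scratch directory standing in for the spool.
    with tempfile.TemporaryDirectory() as scratch:
        os.chmod(scratch, 0o700)
        print(audit_spool(scratch))
```

Any principal reported for a directory that a root-privileged job runner reads from should be treated as root-equivalent, which is the post's point about daemon.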