Re: Groff/troff security exposure
-----BEGIN PGP SIGNED MESSAGE-----
On Thu, 5 Oct 2000, Alan KF LAU wrote:
> Just a question. I've tried it on my own server which is Debian 2.2.17 woody(unstable) version. I got the following message when trying 2:
>
> ./troffrc:1: can't open `/etc/passwd' for appending: Permission denied
> ./troffrc:2: no stream named 'passwds'
> ./troffrc:3: no stream named 'passwds'
> ....
>
> Is this bug already fixed in Debian 2.2 Woody(unstable)?
Javier's email does specify that you need to be logged in as root. I
assume you were not.
There have been similar attacks to this in other packages for quite some
time. I believe it would be reasonable for man to run setuid man, would
it not? In fact, considering that there's a man user in /etc/passwd by
default in Debian, why isn't it?
noah
_______________________________________________________
| Web: http://web.morgul.net/~frodo/
| PGP Public Key: http://web.morgul.net/~frodo/mail.html
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.0i for non-commercial use
Charset: noconv
iQCVAwUBOdyC2IdCcpBjGWoFAQGhMAP+NYkg92psPK+lfyjj7SKlaPFGlxCbpBgX
DUQIY3k8sp7zUPsvSp46SORPew/XSXcRM29PtjbkHS/l0ftmHxp7TG9wwM13/8Jx
2ovWsOihsgysliKXfOIt/gUXEG9qlu/D5UZaV2Xm+GbncxrQg5h/4nLmco99TY8I
4/19T5zTdMc=
=QtdO
-----END PGP SIGNATURE-----
Reply to: