Re: CVE Exploit
fwiw rm-rf /* works ;)
#define sizeof(x) rand()
On Mar 11, 2554 BE, at 10:31 AM, Erwan David <firstname.lastname@example.org> wrote:
> On Fri, Mar 11, 2011 at 04:08:29PM CET, Mike! <email@example.com> said:
>> On 03/11/2011 04:06 PM, Jordon Bedwell wrote:
>>> On 3/11/2011 9:04 AM, Andrey Rahmatullin wrote:
>>>> On Fri, Mar 11, 2011 at 09:42:17AM -0500, hans wrote:
>>>>> rm / -rf worked fine last time I tried it on a VM as an experiment.
>>>> It was fixed in coreutils 6.2 [2006-09-18].
>>> Subjective fix. It can still destroy your system, it can still delete
>>> critical files, just not certain critical files.
>>> We've done it before too.
>> perhaps dd if=/dev/zero of=/dev/root is a better solution?
> if=/dev/urandom would be more fun, whereas /dev/random might stop
> before doing too much damage, but restart when any action is done.
> The latest case might be fun to see...
> To UNSUBSCRIBE, email to debian-security-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact firstname.lastname@example.org
> Archive: 20110311153104.GB3114@rail.eu.org">http://lists.debian.org/20110311153104.GB3114@rail.eu.org