This article was posted to the Usenet group alt.hackers in
1995; any technical information is probably outdated.
Parent gone Parent
Linux problems (was Re: rlogin revealed)
Article: 8410 of alt.hackers From: ftlofaro@unlv.edu (Frank T Lofaro) Newsgroups: alt.hackers Subject: Linux problems (was Re: rlogin revealed) Date: 8 Aug 1995 07:15:47 GMT Organization: University of Nevada, Las Vegas Lines: 22 Approved: Communications_Decency_Enforcement@cda.fcc.gov Message-ID: 4072v3$7if@news.nevada.edu NNTP-Posting-Host: pioneer.nevada.edu Keywords: Linux, security hole, denial of service In-Reply-To: <1995Aug7.134512.25441@dcs.warwick.ac.uk> Status: RO
A poster mentioned here the chfn could be used to hose a linux box. He didn't say, but it looked like one could hose the system by killing/suspending chfn right after opening /etc/passwd in truncate mode. I ran a trace on chfn. Here's another bad one. Set file limit to 0. run passwd and try to change passwd /etc/passwd is empty, and all logins are denied with "Login incorrect", i.e. one doesn't know what is wrong. By setting file limits low can partially truncate /etc/passwd. I'll post this to comp.os.linux.development.system too. ObHack: Changing the FS code to allow hardlinks to symlinks. Not too useful, but neat, and I didn't lose any filesystems when I did it! And doing 40 other hacks and wacks on the Linux kernel, unfortunately one of them hosed swapping to a file. Heck, most of them work though!
Parent gone Parent