*********** REPLY SEPARATOR ***********
On 31/07/00 at 16:08 Jake McHenry wrote:
>Yes, I see what your saying. If I would just happen to be in /tmp, and
someone
>just happened to make that fake "ls" script, then that would be a problem.
I
>don't know of many people on my system that know how to do anything more
than
>run pine, but there's the possibility. Thanks again.
>
>Jake
This type of attack is probably more common than what you think, think
buffer overflows and write ability to disk, if the system is on a closed
LAN then just think of the lesson they could have obtained easily from most
anywhere...not dissimilar to the one here....
Like Charles says, its just important to be aware, how anyone actually does
things is ultimately up to themselves, I like to think that I would never
underestimate anyone
>
>
>
>On Mon, 31 Jul 2000, Charles Galpin wrote:
>
>--but that's *THE POINT*! If you run 'ls' as root while in /tmp you are
not
>--knowlingly running someone else's script - you are doing soemthing you
do
>--many times a day that is quite harmless.
Regards
Greg Wright
IT Consultant Sydney Australia
--
*** Please trim any replies ***
*** Please turn off HTML in your email ***
*** Please don't use the list for test messages ***
*** Why not read the archives? http://moongroup.com/redhat.phtml ***
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
