From: jim@deitygraveyard.com (Jim Carpenter)
Subject: [TUHS] The size of EMACS, and what hides in kLOCs
Date: Sun, 26 Feb 2017 14:19:08 -0500 [thread overview]
Message-ID: <CA+oaVqwf2xaTnKoiQiBQDYizeWo8De1Ncao+Gp__hjirbCja7A@mail.gmail.com> (raw)
In-Reply-To: <22DFC2A3-0279-43FD-BBD6-9A1BF32E5E80@tfeb.org>
On Sun, Feb 26, 2017 at 1:23 PM, Tim Bradshaw <tfb at tfeb.org> wrote:
> This was the movemail SUID bug, and it's indeed in the original although I'm not sure how much detail he goes into.
Not much detail:
"""
In the way it was installed on our Unix computer, the Gnu-Emacs editor
lets you forward a mail file from your own directory to anyone else in an
unusual way. It doesn't check to see who's receiving it, or even whether they
want the file. It just renames the file and changes its ownership label. You've
just transferred ownership of the file from you to me.
No problem to sent a file from your area to mine. But you'd better not
be able to move a file into the protected systems area: only the system
manager is allowed there. Stallman's software had better make sure this can't
happen.
Gnu didn't check. It let anyone move a file into protected systems
space. The hacker knew this; we didn't.
The hacker used Gnu to swap his special atrun file for the system's
legitimate version. Five minutes later, the system hatched his egg, and he
held the keys to my computer.
"""
Jim
next prev parent reply other threads:[~2017-02-26 19:19 UTC|newest]
Thread overview: 75+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-02-25 14:17 [TUHS] Un-released/internal/special UNIX versions/ports during the years? Arno Griffioen
2017-02-25 14:32 ` Larry McVoy
2017-02-25 16:35 ` Steve Nickolas
2017-02-25 18:11 ` Joerg Schilling
2017-02-25 18:16 ` Brantley Coile
2017-02-25 17:31 ` Clem Cole
2017-02-25 17:34 ` Charles Anthony
2017-02-25 17:36 ` Brantley Coile
2017-02-25 18:28 ` Tim Bradshaw
2017-02-27 5:08 ` Dave Horsfall
2017-02-25 17:40 ` Nemo
2017-02-25 17:43 ` Brantley Coile
2017-02-25 23:23 ` Dave Horsfall
2017-02-26 12:39 ` Noel Chiappa
2017-02-26 12:46 ` [TUHS] The size of EMACS, and what hides in kLOCs Michael Kjörling
2017-02-26 16:05 ` Nemo
2017-02-26 17:05 ` Michael Kjörling
2017-02-26 18:23 ` Tim Bradshaw
2017-02-26 19:19 ` Jim Carpenter [this message]
2017-02-26 19:39 ` [TUHS] EMACS movemail suid root bug Michael Kjörling
[not found] ` <CALMnNGg3dRV0yPV1GgeqaOFG0Mb5PSNuqgPs8pLKOHYzurYEOg@mail.gmail.com>
2017-02-27 1:00 ` [TUHS] The size of EMACS, and what hides in kLOCs Nemo
2017-02-27 1:48 ` Steve Nickolas
2017-02-27 8:26 ` Michael Kjörling
2017-02-27 1:19 ` Jason Stevens
2017-02-27 2:13 ` Nick Downing
2017-02-26 13:32 ` [TUHS] Un-released/internal/special UNIX versions/ports during the years? Tim Bradshaw
2017-02-26 14:19 ` Michael Kerpan
2017-02-26 14:54 ` Joerg Schilling
2017-02-26 15:25 ` Angelo Papenhoff
2017-02-26 15:55 ` Joerg Schilling
2017-02-26 15:37 ` Tim Bradshaw
2017-02-26 15:52 ` Joerg Schilling
2017-02-26 16:06 ` tfb
2017-02-26 16:27 ` Ron Natalie
2017-02-26 18:32 ` Lars Brinkhoff
2017-02-27 16:04 ` Tony Finch
2017-02-27 23:51 ` Nick Downing
2017-02-26 16:22 ` Michael Kerpan
2017-02-26 16:36 ` Ron Natalie
2017-02-26 18:01 ` William Pechter
2017-02-26 18:40 ` Lars Brinkhoff
2017-02-26 16:06 ` Tim Bradshaw
2017-02-26 16:30 ` Ron Natalie
2017-02-26 17:15 ` Ron Natalie
2017-02-26 17:20 ` Michael Kjörling
2017-02-26 17:23 ` Ron Natalie
2017-02-26 17:33 ` Steve Nickolas
2017-02-26 17:39 ` Michael Kjörling
2017-02-26 17:39 ` Michael Kerpan
2017-02-26 19:33 ` [TUHS] roff Larry McVoy
2017-02-26 19:34 ` Ron Natalie
2017-02-26 19:36 ` Ron Natalie
2017-02-26 19:46 ` Dan Cross
2017-02-26 19:41 ` Michael Kerpan
2017-02-26 21:27 ` Joerg Schilling
2017-02-26 21:28 ` Joerg Schilling
2017-02-27 13:59 ` Steffen Nurpmeso
2017-02-28 20:15 ` [TUHS] Un-released/internal/special UNIX versions/ports during the years? Dave Horsfall
2017-02-28 20:22 ` Lars Brinkhoff
2017-03-01 1:31 ` Dave Horsfall
2017-02-28 20:40 ` Jaap Akkerhuis
2017-03-01 12:45 ` Michael Kjörling
2017-02-25 14:44 ` [TUHS] Un-released/internal/special UNIX versions/ports during theyears? jsteve
2017-02-25 19:02 ` [TUHS] Un-released/internal/special UNIX versions/ports during the years? Al Kossow
2017-02-26 4:06 ` Jason Stevens
2017-03-01 4:15 ` Gregg Levine
2017-03-01 7:17 ` arnold
2017-03-01 7:45 ` Ronald Natalie
2017-03-01 11:14 ` [TUHS] Un-released/internal/special UNIX versions/ports duringthe years? jsteve
2017-03-01 14:54 ` [TUHS] Un-released/internal/special UNIX versions/ports during the years? Dan Cross
2017-03-01 15:41 ` Nemo
2017-03-01 18:17 ` Clem Cole
2017-03-02 2:13 ` Jason Stevens
2017-03-02 2:27 ` Gregg Levine
[not found] <CAJfiPzzDKemjamKHP8rpC3j-hW_K3NY-D7oQ3D0k8DGzUpk pg@mail.gmail.com>
2017-02-26 16:46 ` [TUHS] The size of EMACS, and what hides in kLOCs Mutiny
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CA+oaVqwf2xaTnKoiQiBQDYizeWo8De1Ncao+Gp__hjirbCja7A@mail.gmail.com \
--to=jim@deitygraveyard.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).