From mboxrd@z Thu Jan 1 00:00:00 1970 From: dave@horsfall.org (Dave Horsfall) Date: Tue, 19 Dec 2017 12:08:21 +1100 (EST) Subject: [TUHS] History of exploits - request for authors In-Reply-To: <8460DBBB-A4E2-468B-B294-A2B021213F3C@alchemistowl.org> References: <8460DBBB-A4E2-468B-B294-A2B021213F3C@alchemistowl.org> Message-ID: On Mon, 18 Dec 2017, Arrigo Triulzi wrote: [...] > I hope a few of you will want to contribute something to the collection, > there is still space for the January 2018 edition if anyone is so > inclined. Depends on exactly what you want; I don't have time to document my, err, past before your deadline, but my favourites under Edition 6 would be: Planting 0 into u.u_uid via the switch register (physical access reqd). Planting same, but by sending a negative signal to yourself. And the usual run of insecure directory permissions etc. Planting trojans such as "pwd" called with 17 args (and same size!). Leaving a "login" simulator on a terminal (quite common). And on KRONOS, you could get system privileges quite easily on a terminal. With OS/360, you dumped low memory and traced where "SVC 254" went. Is that the sort of stuff you're after? -- Dave Horsfall DTM (VK2KFU) "Those who don't understand security will suffer."