From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=-0.8 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED, MAILING_LIST_MULTI,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.4 Received: (qmail 29469 invoked from network); 1 Aug 2023 18:43:23 -0000 Received: from minnie.tuhs.org (50.116.15.146) by inbox.vuxu.org with ESMTPUTF8; 1 Aug 2023 18:43:23 -0000 Received: from minnie.tuhs.org (localhost [IPv6:::1]) by minnie.tuhs.org (Postfix) with ESMTP id 050D64101E; Wed, 2 Aug 2023 04:43:18 +1000 (AEST) Received: from wout4-smtp.messagingengine.com (wout4-smtp.messagingengine.com [64.147.123.20]) by minnie.tuhs.org (Postfix) with ESMTPS id E06DC41019 for ; Wed, 2 Aug 2023 04:43:09 +1000 (AEST) Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.west.internal (Postfix) with ESMTP id B9FFF3200583 for ; Tue, 1 Aug 2023 14:43:08 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute4.internal (MEProxy); Tue, 01 Aug 2023 14:43:08 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ronnatalie.com; h=cc:content-transfer-encoding:content-type:content-type:date :date:from:from:in-reply-to:in-reply-to:message-id:mime-version :references:reply-to:reply-to:sender:subject:subject:to:to; s= fm2; t=1690915388; x=1691001788; bh=VRIZWpUW9ob4HYDcNjJSWNEl/wrN Ytq9USQ0oTAGDz4=; b=JavKyWlyzlzAIkmrsYH78f2zYLjXiy68ALae7VIxztih b0Mga4+5q8VVJJwE37waQ3dVskr8Qj3tAB0wEOv/aXrscA3efBzD2xVz/K9vAWzN pt0zWfYe4OyZqJ5yR5uTIiNi3gscbfV12N/QW2wxn/YSq8W6j+CcJKRO4/cWugKT WemWBe0K2hgj6MsGXx2T7Lg7SUWz4FHaY142kHpiy+Raero6j0ak5OYLNjHu65jv 0+DzYT+JuLQ2ccr1TmdCEN6qYvqHpRlbG96KQdtyI6C88v79iVA68kFa8zqwIngI KdsCV52Y3vlWXmsG8kL1zvNj5LaAl0WFdTcM0Xta4Q== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:reply-to:sender:subject:subject:to:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t= 1690915388; x=1691001788; bh=VRIZWpUW9ob4HYDcNjJSWNEl/wrNYtq9USQ 0oTAGDz4=; b=n6B6qFb4qCB7Slu4aVZZ0mRcaE1Qvgc+gxaaY7PfmJeTToFEpYQ +3FUfhigcVHFmy940KGATs+V/021RHXQdgTDPVlNztjc3aVxcultkKUcwaBOQNKR 3ntzvoEEdxkQgPuqTszjPfax5PPhUVjK7ECTe/2bbfI8N1PbEJu62c+00ep66nQq c32Cr73ul4l1+1yf3KDEkQADtZ9YHjIrvPDQpANANnyhqqZBExPMfuD8d7aPyL5G SaHnRrurd/Ucn+6495NGofASe4ykvFakddyPHIueLpm0d1HpvbpeenQVXZC8HfpQ abDLiT2kEL1+19TsH2ZxFVYKSrF2wgRpmsw== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedviedrjeeigdduvdehucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpefhvffufffkjghfrhgfgggtgfesth hqredttderjeenucfhrhhomhepfdftohhnucfprghtrghlihgvfdcuoehrohhnsehrohhn nhgrthgrlhhivgdrtghomheqnecuggftrfgrthhtvghrnhepffduteevteffueethfelle dvtdefhfekhfdvgfehudejveeijeekvddvtdejveegnecuvehluhhsthgvrhfuihiivgep tdenucfrrghrrghmpehmrghilhhfrhhomheprhhonhesrhhonhhnrghtrghlihgvrdgtoh hm X-ME-Proxy: Feedback-ID: iaba146ad:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA for ; Tue, 1 Aug 2023 14:43:07 -0400 (EDT) From: "Ron Natalie" To: "The Eunuchs Hysterical Society" Date: Tue, 01 Aug 2023 18:43:07 +0000 Message-Id: In-Reply-To: References: User-Agent: eM_Client/9.2.1841.0 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: quoted-printable Message-ID-Hash: BM3BA54TKCTEUL7KRB4KXWGBLMKQI4GI X-Message-ID-Hash: BM3BA54TKCTEUL7KRB4KXWGBLMKQI4GI X-MailFrom: ron@ronnatalie.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.6b1 Precedence: list Reply-To: Ron Natalie Subject: [TUHS] Re: shell escapes in utilities List-Id: The Unix Heritage Society mailing list Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: The Sendmail WIZ bug was but one of the security disasters from shell=20 escapes. I remember IBM sending me an early RS/6000. Booted the=20 thing up but had no clue what root or any other password was. So, I set to work hacking on it. Now this thing had a physical key on=20 the front. Off, On, and a Wrench symbol. OK, let=E2=80=99s try the wren= ch. =20 Boots up some sort of maintenance program. After playing around with=20 it a bit I find a help option. This starts up a paginator (more or pg=20 or something). Sure enough you can shell escape otu of that. =20 Instant root shell. Now it=E2=80=99s trivial to change the root password = and=20 reboot in normal mode. Yep, the need for shell escapes largely went away with windowing and job=20 control.