Tweet
Is
Doug - I agree with you totally. I would like to point out that an exploit such as the one described in the PHRACK article would require some relatively high level of system access in order to compile and replace (or add) the exit point program. I would suppose that it would be the same high level of system access as that described by John Earl in this thread for the DMPSYSOBJ command. Either of these two exploits would be effective on a system with neglected security but I have my doubts as to how effective each would be on a system where security is something other than a passing thought. I believe that is also your point - pay attention to the security of your system. Thanks, Steve
Doug - I agree with you totally. I would like to point out that an exploit such as the one described in the PHRACK article would require some relatively high level of system access in order to compile and replace (or add) the exit point program. I would suppose that it would be the same high level of system access as that described by John Earl in this thread for the DMPSYSOBJ command. Either of these two exploits would be effective on a system with neglected security but I have my doubts as to how effective each would be on a system where security is something other than a passing thought. I believe that is also your point - pay attention to the security of your system. Thanks, Steve
Comment