[TUHS] History of exploits - request for authors

Dave Horsfall dave at horsfall.org
Tue Dec 19 11:08:21 AEST 2017


On Mon, 18 Dec 2017, Arrigo Triulzi wrote:

[...]

> I hope a few of you will want to contribute something to the collection, 
> there is still space for the January 2018 edition if anyone is so 
> inclined.

Depends on exactly what you want; I don't have time to document my, err, 
past before your deadline, but my favourites under Edition 6 would be:

     Planting 0 into u.u_uid via the switch register (physical access reqd).

     Planting same, but by sending a negative signal to yourself.

     And the usual run of insecure directory permissions etc.

     Planting trojans such as "pwd" called with 17 args (and same size!).

     Leaving a "login" simulator on a terminal (quite common).

And on KRONOS, you could get system privileges quite easily on a terminal.

With OS/360, you dumped low memory and traced where "SVC 254" went.

Is that the sort of stuff you're after?

-- 
Dave Horsfall DTM (VK2KFU)  "Those who don't understand security will suffer."


More information about the TUHS mailing list