|
|
You find a hole in grex's security, and you can su to root, what do you do? do you use your powers to mess everything up? or do you tell staff about the hole?
8 responses total.
That's easy. I tell the staff. I do not make myself a root.
Call someone from staff *on the phone* so that they can close the hole as soon as possible. Otherwise, what zook said.
Tell staff, either on the phone or in mail, depending on how easy the hole seems to be to find. I generally don't go looking for such holes, so if I found it it would have to be a pretty obvious one.
Yupper, I'd tell someone.
This response has been erased.
I would probably e-mail staff while root... and explain how I found this hole.... then I'd probably forget it about it for awhile... I might use it to kill off extra processes, naaa I wouldn't...
I'm a pernicious little sprite, and I'd definitely have to tweak
someone's nose for a security hole like that ... though they're inevitable
in any UNIX system. But abuse it? Nah.
Tell Grex
Response not possible - You must register and login before posting.
|
|
- Backtalk version 1.3.30 - Copyright 1996-2006, Jan Wolter and Steve Weiss