1
edit
The Plop Incident: Difference between revisions
Jump to navigation
Jump to search
no edit summary
No edit summary |
No edit summary |
||
| Line 5: | Line 5: | ||
The write patch was written by grimnar, and installed after some minimal testing by John Bolger. This minimalist testing proved to be a big mistake, as the testing missed a dangerous security flaw in the write patch. This flawed patch was installed on the live system on October 21st, 1998 | The write patch was written by grimnar, and installed after some minimal testing by John Bolger. This minimalist testing proved to be a big mistake, as the testing missed a dangerous security flaw in the write patch. This flawed patch was installed on the live system on October 21st, 1998 | ||
On October 22nd, | On October 22nd, plop discovered this flaw and left an easy exploit in /tmp and posted about it on the redbrick newsgroups. The admins or the author of the patch were never directly informed that the security flaw existed, or where it was. | ||
After an unexplained system crash on the evening of October 22nd <em>citation needed</em>, John retrieved the source code for the exploit from plop's home directory, without permission of either the committee or plop himself. | |||
Almost immediately all hell broke lose. Plop made an official complaint about breach of privacy, and posted notice of what happened to every newsgroup and to every member. The next morning John stepped down as co-opted admin, pending an inquiry into what happened and a vote from the membership if he was right or wrong. A committee meeting ruled that plop should be disusered for 110 days, which eventually led to a complaint to the SPC. In the end both John and plop apologised to each other in public on the news group system. | Almost immediately all hell broke lose. Plop made an official complaint about breach of privacy, and posted notice of what happened to every newsgroup and to every member. The next morning John stepped down as co-opted admin, pending an inquiry into what happened and a vote from the membership if he was right or wrong. A committee meeting ruled that plop should be disusered for 110 days, which eventually led to a complaint to the SPC. In the end both John and plop apologised to each other in public on the news group system. | ||
| Line 14: | Line 16: | ||
x | x | ||
=== Plop's Comments === | |||
I don't believe there was a system crash that day. I suspect that John Bolger was embarassed that I posted an exploit on the redbrick newsgroups for code he reviewed (which is relatively harmless, write is a program with few privileges). The root exploit I used to catch John Bolger going through my files was in a chsh tool written by redbrick admin (and frequent poster on secure programming) John Looney. He had a habit of using the system() function to run commands from suid programs, which was susceptible to an IFS exploit on the version of solaris redbrick ran at the time. | |||
[[User:Plop|Plop]] | |||
=============================================================================== | =============================================================================== | ||