edit others user crontab, security bug
fwaggle
fwagglechop at gmail.com
Thu Sep 1 13:20:29 UTC 2016
> root# pw useradd -n www.promspecbud.com -g nobody -s /bin/sh -d /tmp
> root# pw useradd -n www.promspecbud.com.other -g nobody -s /bin/sh -d /tmp
I'm really sleepy so this might be wrong or outdated, but
aren't/weren't FreeBSD usernames limited to 16 characters? Seems to me
this probably relates to both the users being evaluated to the
username "www.promspecbud." or whatever.
--
James "fwaggle" Fraser
More information about the freebsd-security
mailing list