[rescue] SGI fw_sshd and security

Jonathan C. Patschke jp at celestrion.net
Sun Mar 7 13:45:28 CST 2004

On Sun, 7 Mar 2004, Dave McGuire wrote:

>    I hate to point this out, but generally speaking, someone needs to
> already own the box to overwrite libwrap.so.

I am, indeed, aware of that.

However, on some OSes, particularly IRIX, there have been a -lot- of
kinda-sorta exploits that let you overwrite local files.  On IRIX in
particular, dylinking security libraries is a Bad Idea.  You could
theoretically overwrite libwrap.so with a trojaned one, and the would be
a lot harder to detect than fudging entries in /etc/hosts.allow.

Jonathan Patschke  ) "Being on the Internet is not the same as being
Elgin, TX         (   famous.  That's like calling Cheetos 'dinner'."
USA                )                                    --Metal Steve

More information about the rescue mailing list