On Aug 26, 2004, Sylvain Munaut <[EMAIL PROTECTED]> wrote: > It was a distcc 2.13, I know it's not the latest one. And it was > exploited to gain a localshell as the distcc user.
Err... Exploited? distcc is designed to run whatever command it's sent in the request packet. It is generally a compiler name, but it might as well be /bin/sh, with a shell script as the `preprocessed' sources. -- Alexandre Oliva http://www.ic.unicamp.br/~oliva/ Red Hat Compiler Engineer [EMAIL PROTECTED], gcc.gnu.org} Free Software Evangelist [EMAIL PROTECTED], gnu.org} __ distcc mailing list http://distcc.samba.org/ To unsubscribe or change options: http://lists.samba.org/mailman/listinfo/distcc
