Product: some scripts shipped with suse 9.0 Date: 20.01.2004 Author: l0om greetings, i have done a litte reseach on a SuSE linux 9.0 box for possible symlink attacks. i have checked nearly every script i could found on the system. i havent found much and nothing very special.i dont have a clue if the following scripts are somewhere on the system executed but maybe someone useses them in a script or something like that. ** /usr/X11R6/bin/fvwm-bug [...] TEMP=/tmp/fvwm-bug.$$ [...] cat > $TEMP < /tmp/xf86debug.1.log echo "Debugger output written to /tmp/ xf86debug.1.log." #thx for that info [...] ** /opt/kde3/bin/winpopup-send.sh echo "$2" > /tmp/.winpopup-new echo `date +"%a %l:%m %p"` >> /tmp/.winpopup-new cat "$1" | tr "\000" "\012" >> /tmp/.winpopup-new mv -f /tmp/.winpopup-new /tmp/.winpopup ** /sbin/lvmcreate_initrd [...] DEVRAM=/tmp/initrd.$$ [...] verbose "using $DEVRAM as a temporary loopback file" #thx for that info dd if=/dev/zero of=$DEVRAM count=$INITRDSIZE bs=1024 > /dev/null 2>&1 [...] ********** greets @ proxy, takt, maximilian, sirius, dna, fe2k, xnet, zexl rest of excluded.org nofx, rancid, bad religion, less than jake ... www.excluded.org --l0om have Phun!