it consultancy

Shell access users can use popper to create root owned files malware

Shell access users can use popper to create root owned files details

  • Description

    On systems that have /var/spool/mail mode 'drwsrwxrwt' and use the Berkeley popper daemon, users that have access to /var/spool/mail (ie. a user with a shell login) can create arbitrary root owned files on the host that popper is executed on.