Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: IFS hole?
From: abeckett () fmlrnd co uk (abeckett () fmlrnd co uk)
Date: Wed, 15 Dec 93 16:02:11 GMT


abeckett () fmlrnd co uk has said


However, I agree with Peter that the LD_LIBRARY_PATH could be abused,
but this is likely to be a general problem and not just one to do with
programs that exec other programs.



It's not like it *COULD* be abused. Every man and his dog can abuse it.
Give me SunOS, shared libraries & LD_* crap, I will give you root access,
or something. sekurity.

-- Jonathan


Just my "quaint" English way of saying things. Of course it can be abused.

Andrew.

***********************************************************************
* Andrew Beckett                  *                                   *
* Senior Design Engineer          *                                   *
* Fujitsu Microelectronics Ltd    *                                   *
* Highway House                   * phone    : (0628) 71116           *
* Norreys Drive                   * fax      : (0628) 773990          *
* Maidenhead. Berks SL6 4BW       * email    : a.beckett () fmlrnd co uk *
***********************************************************************



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]