Bugtraq: setuid root programs and core dumps

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

setuid root programs and core dumps

From: rjq () phys ksu edu (Rob Quinn)
Date: Thu, 21 Jul 1994 21:28:52 -0500 (CDT)

If you setuid to root and run it as someone other than root, it just
does a bus error and doesn't core dump!


 Wasn't LD_LIBRARY_PATH also ignored by setuid programs? But people were still
able to use it to break into root programs. Maybe something similar can be
done here?

-- 
|                                                                          |
|                                                                Rob Quinn |
|                                                         rjq () phys ksu edu |
|                                                    QuinnBob () KSUVM BITNET |

By Date By Thread

Current thread:

Re: Wall and talkd pass binary data, (continued)
- Re: Wall and talkd pass binary data Martin Sean Bennet - Sun UK - CSG Engineer (Jul 20)
  - Re: Sending escape sequences to xterms via wall/talk Mike Raffety (Jul 20)
    - Re: Sending escape sequences to xterms via wall/talk Christopher A. Stewart (Jul 20)
    - Re: Sending escape sequences to xterms via wall/talk Andrew Beckett (Jul 21)
    - setuid root programs and core dumps Rob Quinn (Jul 21)
    - Re: Sending escape sequences to xterms via wall/talk Paul Daw (Jul 21)
    - Re: Sending escape sequences to xterms via wall/talk Evil Pete (Jul 21)
    - Re: Sending escape sequences to xterms via wall/talk Christopher A. Stewart (Jul 21)
    - Re: Sending escape sequences to xterms via wall/talk pluvius (Jul 22)
    - Is starting a user program on priv port via inetd dangerous ? Doug McLaren (Jul 21)