mailing list archives
Re: load.root (loadmodule hole)
From: Brad.Powell () Eng Sun COM (Brad Powell)
Date: Fri, 15 Sep 1995 16:12:54 -0700
From owner-bugtraq () CRIMELAB COM Fri Sep 15 15:46:48 1995
Am I overlooking something obvious here, or would simply turning off the
set-UID bit on "loadmodule" be an acceptable temporary workaround for
Fred Blonder fred () nasirc hq nasa gov
Hughes STX Corp. (301) 441-4079
7701 Greenbelt Rd.
Greenbelt, Md. 20770
turning of the suid bit works *mostly*
of course don't expect to be able to run openwindows :-)
I say mostly because there is still the problem if the process running
is running as root, as well as the problem of if another
setuid executable calls loadmodule.
Neither of these is as big a problem, but they are still there.
Calling system() has never been a smart thing, just a simple thing.
Brad Powell : brad.powell () Sun COM
Sr. Network Security Consultant
SunNetworks, Sun Microsystems Inc.
The views expressed are those of the author and may
not reflect the views of Sun Microsystems Inc.