Home page logo

bugtraq logo Bugtraq mailing list archives

Re: load.root (loadmodule hole)
From: Brad.Powell () Eng Sun COM (Brad Powell)
Date: Fri, 15 Sep 1995 16:12:54 -0700

From owner-bugtraq () CRIMELAB COM  Fri Sep 15 15:46:48 1995
Am I overlooking something obvious here, or would simply turning off the
set-UID bit on "loadmodule" be an acceptable temporary workaround for
most sites?
Fred Blonder            fred () nasirc hq nasa gov

Hughes STX Corp.        (301) 441-4079
7701 Greenbelt Rd.
Greenbelt, Md.  20770

turning of the suid bit works *mostly*

 of course don't expect to be able to run openwindows :-)

I say mostly because there is still the problem if the process running
is running as root, as well as the problem of if another
setuid executable calls loadmodule.

Neither of these is as big a problem, but they are still there.

Calling system() has never been a smart thing, just a simple thing.

Brad Powell : brad.powell () Sun COM
Sr. Network Security Consultant
SunNetworks, Sun Microsystems Inc.
               The views expressed are those of the author and may
                  not reflect the views of Sun Microsystems Inc.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]