Home page logo

bugtraq logo Bugtraq mailing list archives

Re: procfs hole
From: brian () FIREHOUSE NET (Brian Mitchell)
Date: Sun, 10 Aug 1997 14:38:41 -0400

On Sun, 10 Aug 1997, Jonathan A. Zdziarski wrote:

This would be a horrible solution. Someone is just going to chose another
function to overwrite and do a setuid(0) and execve() of some shell.

Would disabling bash and sh (and any other shells that allowed this) be a
good temporary solution?  I've noticed you have to have it set as your
default shell, so removing it from /etc/shells could prevent this.  It's
either that or disbale procfs (and I'm still not sure what the effects of
that would be)

Jonathan A. Zdziarski                                NetRail Incorporated
Server Engineering Manager                    230 Peachtree St. Suite 500
jonz () netrail net                                        Atlanta, GA 30303
http://www.netrail.net                                    (888) - NETRAIL

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]