Bugtraq: Re: First patch :)

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: First patch :)

From: chris () FERRET LMH OX AC UK (Chris Evans)
Date: Sat, 30 May 1998 00:30:37 +0100


Hi,

The "ruid" idea and prevent exec/fork of suid programs, is a nice idea but
is really security through obscurity.

If a hacker knows this patch is in place, he just replaces the shellcode
so instead of doing:

syscall exec /bin/sh

it does

syscall chmod 666 /etc/passwd

or any other exciting piece of code you care to run. You need not launch a
separate process to run it.

Cheers
Chris

By Date By Thread

Current thread:

First Patch :) Peter 'Goober' Kosinar (May 28)
- Re: First Patch :) Aleph One (May 29)
  - Re: First Patch :) Aleph One (May 29)
- Re: First Patch :) Darren Reed (May 30)
- <Possible follow-ups>
- Re: First patch :) Chris Evans (May 29)
- Re: First Patch :) Jim Dennis (May 30)