Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: First patch :)
From: chris () FERRET LMH OX AC UK (Chris Evans)
Date: Sat, 30 May 1998 00:30:37 +0100


Hi,

The "ruid" idea and prevent exec/fork of suid programs, is a nice idea but
is really security through obscurity.

If a hacker knows this patch is in place, he just replaces the shellcode
so instead of doing:

syscall exec /bin/sh

it does

syscall chmod 666 /etc/passwd

or any other exciting piece of code you care to run. You need not launch a
separate process to run it.

Cheers
Chris



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]