Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: Root compromise via zgv
From: alan () LXORGUK UKUU ORG UK (Alan Cox)
Date: Tue, 27 Oct 1998 14:08:41 +0000


Answer 1. Besides port access granted by ioperm/iopl, svgalib needs write
access to /dev/mem to operate. Therefore svgalib keeps an open
descriptor ( number three usually ) to /dev/mem ( is it true in all cases ?
can someone confirm that authoritatively ? ). So, we can modify our uid

[It does not need to, its yet another svgalib bug if it does.]

And the answer to svgalib as a whole is 'before installing this package
read back 2 years of bugtraq and tell me why you are installing it'

Alan



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]