Home page logo

bugtraq logo Bugtraq mailing list archives

ld.so bug - LD_DEBUG_OUTPUT follows symlinks
From: Jakub Vlasek <jv () PILSEDU CZ>
Date: Tue, 26 Sep 2000 02:11:12 +0200

   ld.so from glibc2 doesn't unset variables LD_DEBUG_OUTPUT and LD_DEBUG
when running suid. If program calls setuid(0) and then fork(), child
process will follow prepared symlink ($LD_DEBUG_OUTPUT.$pid) and
overwrites any file in system.

Jakub Vlasek

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]