Vulnerability Development: Re: nonsuid overflows... still at risk?

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Vulnerability Development mailing list archives

Re: nonsuid overflows... still at risk?

From: KF <dotslash () snosoft com>
Date: Wed, 06 Jun 2001 07:59:56 -0400

Michal Zalewski wrote:


Not really. As long as crontab itself is not broken, it should invoke vi
without additional priviledges.


Thats the part that I was wondering about ... the level of priviledges
at the point
that crontab invoked vi... I wasn't sure if some setreuid code could be
used or not... 
so I assume the same goes for more and pg ... just so long as the
programs that would call them are not in a state of elevated privs at
the point that $PAGER is used the hole should not be exploitable. 
-KF

By Date By Thread

Current thread:

Re: TCSH problems?, (continued)
- Re: nonsuid overflows... still at risk? Andrew R. Reiter (Jun 06)
- Re: nonsuid overflows... still at risk? Michal Zalewski (Jun 06)
  - Re: nonsuid overflows... still at risk? KF (Jun 06)
    - Re: nonsuid overflows... still at risk? Michal Zalewski (Jun 06)
    - Re: nonsuid overflows... still at risk? KF (Jun 06)
    - crontab and sgid (was: nonsuid overflows... still at risk?) Tomasz Grabowski (Jun 07)
    - Re: crontab and sgid (was: nonsuid overflows... still at risk?) Olaf Kirch (Jun 08)
    - Re: crontab and sgid (was: nonsuid overflows... still at risk?) Rafal Wojtczuk (Jun 09)
- Re: nonsuid overflows... still at risk? Bela Lubkin (Jun 07)