Bugtraq mailing list archives
Re: Sending escape sequences to xterms via wall/talk
From: stewart () networx com (Christopher A. Stewart)
Date: Fri, 22 Jul 1994 03:31:58 +0800
"Paul" == Paul Daw <pauld () pyramid com> writes:
Paul> On Jul 21, 2:21, "Christopher A. Stewart" wrote:
>> Subject: Re: Sending escape sequences to xterms via wall/talk
>> >>>>> "Mike" == Mike Raffety <mike_raffety () il us swissbank com>
>> writes:
>>
Mike> setuid programs don't produce core dumps; it's a security
Mike> feature.
>> Huh? What *NIX are you using? I've not noticed that behavior..
>>
>> -- End of excerpt from "Christopher A. Stewart"
Paul> Hmm. I didn't think that this was the case either, but I
Paul> just tried it (on a Pyramid MIS-T,) and I can't get any suid
Paul> programs to dump core. Using the same test cases, non-suid
Paul> programs dump core dependably.
Paul> This makes sense if you think about it. Suppose I was
Paul> running /bin/passwd, I had just entered in my password, and
Paul> then passwd core dumped for some reason. The core image
Paul> would have my clear text password stored in it.
Paul> Of course, one could argue that the core should still be
Paul> dumped, but be mode 400 and owned by the suid owner, but
Paul> that isn't happening, at least in my case.
There is at least one circumstance in which you can get a core from a
setuid program, at least on Solaris and probably SunOS. I was fairly
certain of this, as I've worked on programs that where setuid, and
used core files to do some debugging.. Since it was in this context, I
never encounted the security feature..
I just verified in on Solaris by doing the following.. The subject of
the expreiment was the zcat incarnation of gzip from gnu.. I setuid
zcat to myself and then did 'zcat -f' and hit it with the quit
character from the keyboard. It produced a core if I was myself, but
didn't if I was any other user (including root).
Sorry for wasting bandwidth on this.. I responded based on a limited
set of experiances..
--
----------------------------------------------------------------------
Christopher A. Stewart | (Standard disclaimers are in effect)
System/Network Adminstrator |
Legent Corp. Networx Div. |
Bellevue, Wa. 98004 |
Voice (206)-688-2154 |
Fax (206)-688-2050 |
Current thread:
- Flash/talkd, (continued)
- Flash/talkd Patrick Mcdowell (Jul 20)
- Re: Flash/talkd Eric Wedaa (Jul 20)
- Re: Wall and talkd pass binary data a.e.mossberg (Jul 20)
- Flash/talkd Patrick Mcdowell (Jul 20)
- Re: Wall and talkd pass binary data Martin Sean Bennet - Sun UK - CSG Engineer (Jul 20)
- Re: Sending escape sequences to xterms via wall/talk Mike Raffety (Jul 20)
- Re: Sending escape sequences to xterms via wall/talk Christopher A. Stewart (Jul 20)
- Re: Sending escape sequences to xterms via wall/talk Andrew Beckett (Jul 21)
- setuid root programs and core dumps Rob Quinn (Jul 21)
- Re: Sending escape sequences to xterms via wall/talk Paul Daw (Jul 21)
- Re: Sending escape sequences to xterms via wall/talk Evil Pete (Jul 21)
- Re: Sending escape sequences to xterms via wall/talk Christopher A. Stewart (Jul 21)
- Re: Sending escape sequences to xterms via wall/talk pluvius (Jul 22)
- Re: Sending escape sequences to xterms via wall/talk Mike Raffety (Jul 20)
- Is starting a user program on priv port via inetd dangerous ? Doug McLaren (Jul 21)
- Re: Is starting a user program on priv port via inetd dangerous ? Eric Murray (Jul 21)
- Re: Is starting a user program on priv port via inetd dangerous ? matthew green (Jul 21)
- Re: Is starting a user program on priv port via inetd dangerous ? Darren Reed (Jul 22)
- Re: Is starting a user program on priv port via inetd dangerous ? jmc () gnu ai mit edu (Jul 22)
- yes, there's another hole in BIND Paul A Vixie (Jul 21)
- Re: yes, there's another hole in BIND Resident Hacker (Jul 22)
- Re: yes, there's another hole in BIND Paul A Vixie (Jul 22)
- Re: yes, there's another hole in BIND Perry E. Metzger (Jul 22)