Bugtraq mailing list archives
Re: Yesterday this would have worked... (fwd)
From: mouse () Collatz McRCIM McGill EDU (der Mouse)
Date: Sat, 17 Dec 1994 07:34:50 -0500
Here is the original message posted with permission, 10 points to anyone who can spot the supposed flaw in the BSDI O/S with this.
Looks to me as though exec() sets the UID on the process per setuid bits before it checks for arguments too long, and doesn't take care to undo this properly in that case.
BTW, anyone care to comment if this should be replicable across platforms?
Depends on where the bug came from. If it's one of those ever-since-V7 bugs it should be widespread; if it's a fumble-fingers mistake from BSDI it's probably not elsewhere. I'm sure everyone can imagine variations. I'm certainly going to test _my_ systems! der Mouse mouse () collatz mcrcim mcgill edu
Current thread:
- Yesterday this would have worked... (fwd) Matthew Harding (Dec 16)
- <Possible follow-ups>
- Re: Yesterday this would have worked... (fwd) der Mouse (Dec 17)
- Re: Yesterday this would have worked... (fwd) Timothy Newsham (Dec 17)
- Sun Patch Id #102060-01 Mitch Wright (Dec 18)
- Re: Sun Patch Id #102060-01 Alain Durand (Dec 19)
- Re: Sun Patch Id #102060-01 Karl Strickland (Dec 19)