Bugtraq mailing list archives
setuid root programs and core dumps
From: rjq () phys ksu edu (Rob Quinn)
Date: Thu, 21 Jul 1994 21:28:52 -0500 (CDT)
If you setuid to root and run it as someone other than root, it just does a bus error and doesn't core dump!
Wasn't LD_LIBRARY_PATH also ignored by setuid programs? But people were still able to use it to break into root programs. Maybe something similar can be done here? -- | | | Rob Quinn | | rjq () phys ksu edu | | QuinnBob@KSUVM.BITNET |
Current thread:
- Re: Wall and talkd pass binary data Bob Page (Jul 19)
- Re: Wall and talkd pass binary data Craig Presson (Jul 20)
- <Possible follow-ups>
- Wall and talkd pass binary data Rob Quinn (Jul 19)
- Flash/talkd Patrick Mcdowell (Jul 20)
- Re: Flash/talkd Eric Wedaa (Jul 20)
- Re: Wall and talkd pass binary data a.e.mossberg (Jul 20)
- Flash/talkd Patrick Mcdowell (Jul 20)
- Re: Wall and talkd pass binary data Martin Sean Bennet - Sun UK - CSG Engineer (Jul 20)
- Re: Sending escape sequences to xterms via wall/talk Mike Raffety (Jul 20)
- Re: Sending escape sequences to xterms via wall/talk Christopher A. Stewart (Jul 20)
- Re: Sending escape sequences to xterms via wall/talk Andrew Beckett (Jul 21)
- setuid root programs and core dumps Rob Quinn (Jul 21)
- Re: Sending escape sequences to xterms via wall/talk Paul Daw (Jul 21)
- Re: Sending escape sequences to xterms via wall/talk Evil Pete (Jul 21)
- Re: Sending escape sequences to xterms via wall/talk Christopher A. Stewart (Jul 21)
- Re: Sending escape sequences to xterms via wall/talk pluvius (Jul 22)
- Re: Sending escape sequences to xterms via wall/talk Mike Raffety (Jul 20)
- Is starting a user program on priv port via inetd dangerous ? Doug McLaren (Jul 21)
- Re: Is starting a user program on priv port via inetd dangerous ? Eric Murray (Jul 21)
- Re: Is starting a user program on priv port via inetd dangerous ? matthew green (Jul 21)
- Re: Is starting a user program on priv port via inetd dangerous ? Darren Reed (Jul 22)
- Re: Is starting a user program on priv port via inetd dangerous ? jmc () gnu ai mit edu (Jul 22)
- yes, there's another hole in BIND Paul A Vixie (Jul 21)