Bugtraq mailing list archives

Re: Sending escape sequences to xterms via wall/talk

From: pluvius () dragon achilles net (pluvius)
Date: Fri, 22 Jul 1994 13:32:46 -0400 (EDT)

I just verified in on Solaris by doing the following.. The subject of
the expreiment was the zcat incarnation of gzip from gnu.. I setuid
zcat to myself and then did 'zcat -f' and hit it with the quit
character from the keyboard. It produced a core if I was myself, but
didn't if I was any other user (including root).


 atleast in HP-UX, probably other systems too, a setuid program will
only dump core if uid == euid
ie:
main()
{
 char *foo;
   setuid(geteuid()); 
   fgets(foo); /* <-- boom */
}

will dump core if setuid, but

main()
{
 char *foo;
   fgets(foo); /* <-- boom */
}

will not unless run by whoever the program is setuid to.

Current thread:

Re: Flash/talkd, (continued)
- - - Re: Flash/talkd Eric Wedaa (Jul 20)
  - Re: Wall and talkd pass binary data a.e.mossberg (Jul 20)
- Re: Wall and talkd pass binary data Martin Sean Bennet - Sun UK - CSG Engineer (Jul 20)
  - Re: Sending escape sequences to xterms via wall/talk Mike Raffety (Jul 20)
    - Re: Sending escape sequences to xterms via wall/talk Christopher A. Stewart (Jul 20)
    - Re: Sending escape sequences to xterms via wall/talk Andrew Beckett (Jul 21)
    - setuid root programs and core dumps Rob Quinn (Jul 21)
    - Re: Sending escape sequences to xterms via wall/talk Paul Daw (Jul 21)
    - Re: Sending escape sequences to xterms via wall/talk Evil Pete (Jul 21)
    - Re: Sending escape sequences to xterms via wall/talk Christopher A. Stewart (Jul 21)
    - Re: Sending escape sequences to xterms via wall/talk pluvius (Jul 22)
    - Is starting a user program on priv port via inetd dangerous ? Doug McLaren (Jul 21)
    - Re: Is starting a user program on priv port via inetd dangerous ? Eric Murray (Jul 21)
    - Re: Is starting a user program on priv port via inetd dangerous ? matthew green (Jul 21)
    - Re: Is starting a user program on priv port via inetd dangerous ? Darren Reed (Jul 22)
    - Re: Is starting a user program on priv port via inetd dangerous ? jmc () gnu ai mit edu (Jul 22)
    - yes, there's another hole in BIND Paul A Vixie (Jul 21)
    - Re: yes, there's another hole in BIND Resident Hacker (Jul 22)
    - Re: yes, there's another hole in BIND Paul A Vixie (Jul 22)
    - Re: yes, there's another hole in BIND Perry E. Metzger (Jul 22)
    - Re: yes, there's another hole in BIND Pat Myrto (Jul 22)

(Thread continues...)