Bugtraq mailing list archives
system() call in suid programs
From: czetts () rpi edu (Not Joe)
Date: Fri, 14 Jun 1996 10:18:35 +22304652
Hello, I know that it is bad to use the system() system call in programs, especially ones that are suid root, and that it can be exploited fairly easily. Could somebody post or send me details how exploits based on the system() call work? Detail would be good, as I am supposed to explain the security implications to my boss at our next meeting. Thanks in advance. -Steve
Current thread:
- [linux-security] Big security hole in kerneld's request_route Igor Chudov @ home (Jun 13)
- system() call in suid programs Not Joe (Jan 03)
- Re: system() call in suid programs Valdis.Kletnieks () vt edu (Jun 14)
- Re: system() call in suid programs Max Hailperin (Jun 14)
- Publically writable directories Thomas Koenig (Jun 16)
- Re: Publically writable directories Neil Soveran-Charley (Jun 16)
- Re: Publically writable directories Brian Mitchell (Jun 17)
- Re: Publically writable directories Thomas Koenig (Jun 18)
- Re: Publically writable directories Bill Pemberton (Jun 18)
- Re: Publically writable directories Thomas Koenig (Jun 18)
- Re: system() call in suid programs Valdis.Kletnieks () vt edu (Jun 14)
- system() call in suid programs Not Joe (Jan 03)
- Re: Publically writable directories Bill Pemberton (Jun 17)
- Re: Publically writable directories David DeSimone (Jun 17)