Bugtraq mailing list archives
Re: procfs hole
From: brian () FIREHOUSE NET (Brian Mitchell)
Date: Sun, 10 Aug 1997 14:38:41 -0400
On Sun, 10 Aug 1997, Jonathan A. Zdziarski wrote:

> Would disabling bash and sh (and any other shells that allowed this) be a good temporary solution? I've noticed you have to have it set as your default shell, so removing it from /etc/shells could prevent this. It's either that or disable procfs (and I'm still not sure what the effects of that would be)
>
> Jonathan A. Zdziarski    NetRail Incorporated
> Server Engineering Manager    230 Peachtree St. Suite 500
> jonz () netrail net    Atlanta, GA 30303
> http://www.netrail.net    (888) - NETRAIL

This would be a horrible solution. Someone is just going to choose another function to overwrite and do a setuid(0) and execve() of some shell.