Bugtraq mailing list archives
Re: RSI.0012.12-03-98.SOLARIS.MKCOOKIE
From: nr63580 () IMCNAM SBI COM (Readwin, Neil)
Date: Mon, 7 Dec 1998 13:39:05 -0500
A stupid question: why does mkcookie need the s-bit?
On Solaris mkcookie opens /dev/mem and reads about 8MB of it. mkcookie will run and generate a new cookie if you remove the suid bit, but I guess said cookie will be, umm, less random.
Current thread:
- RSI.0012.12-03-98.SOLARIS.MKCOOKIE RSI Advise (Dec 03)
- Re: RSI.0012.12-03-98.SOLARIS.MKCOOKIE Pavel Kankovsky (Dec 04)
- <Possible follow-ups>
- Re: RSI.0012.12-03-98.SOLARIS.MKCOOKIE Readwin, Neil (Dec 07)
- Exploitable buffer overflow in bootpd (most unices) Willem Pinckaers (Jun 24)
- Re: Exploitable buffer overflow in bootpd (most unices) Chris Evans (Dec 13)
- Triteal release updated CDE with security fixes Alan Cox (Dec 13)
- Wietse's Postfix (was VMailer) software release Wietse Venema (Dec 13)
- Re: RSI.0012.12-03-98.SOLARIS.MKCOOKIE Chris Wedgwood (Dec 10)
- FW: ISSalert: ISS Security Advisory: HP JetDirect TCP/IP problems Phear Me (Dec 11)
- Pine 4.05 patches GvS (Dec 12)
- Microsoft's Network Monitor - Buffer Overrun / Page Fault / mnemonix (Dec 12)
- Exploitable buffer overflow in bootpd (most unices) Willem Pinckaers (Jun 24)