Bugtraq mailing list archives
Re: Possible root exploit in Linux povray
From: JYoungman () VGGAS COM (James Youngman)
Date: Thu, 30 Jul 1998 18:01:52 +0100
"des" == Dag-Erling Coidan Smørgrav <dag-erli () IFI UIO NO> writes:
des> Luke <luke () UTW COM> writes: >> In the official (3.02) release of povray for linux, the s-povray >> binary must be installed suid root to function (complains about >> not being able to open /dev/console without it). des> Can somebody please explain to me why a raytracing package des> needs root privs? Why does it even need access to the console des> at all? What's wrong with std{in,out,err}? IIRC, s-povray is the version which displays its result to the SVGA screen as it goes. It "needs"[1] root privileges in order to call iopl()/ioperm() so that it can do I/O against the hardware directly. SVGAlib drops root privileges immediately after its initialisation function is called, so most programs are insulated from the most immediate problems, but in some cases this is too late. IIRC the original poster didn't state if the segmentation fault is occuring before or after the executable drops its privs. [1] Yes, I don't like it either. A unified framebuffer or similar device would be a good idea. The variety of PC hardware is sometimes a drag.
Current thread:
- Possible root exploit in Linux povray Luke (Jul 28)
- <Possible follow-ups>
- Re: Possible root exploit in Linux povray Dag-Erling Coidan Smørgrav (Jul 29)
- Re: Possible root exploit in Linux povray James Youngman (Jul 30)