Bugtraq mailing list archives
Making xlock setuid root
From: srompf () TELEMATION DE (Stefan Rompf)
Date: Fri, 6 Nov 1998 10:18:51 +0100
At 02:41 05.11.98 -0400, Aaron Campbell wrote:
It's hard to tell how serious this is, but I'm sure it could be harmful in some situations/environments. At any rate, a bug that should definitely be fixed, especially since xlock is normally set-user-ID root.
Instead of making xlock and other programs that need access to /etc/shadow setuid root, you can create a group named shadow, allow this group to read the shadow file and make all those programs setgid shadow. So if someone finds an exploit, all he can get is the shadow password file instead of immediate root access.

This is nothing really new; I first tried it with xlock in 1995, so I cannot understand why Unix distributions still ship with the program setuid to root.

cu..

Stefan

+--------------------------------------------------------------+
| Customer: I'm using Windows '95. Hotline: Ok, got that one. |
| Customer: It's not working. Hotline: You already said that. |
+--------------------------------------------------------------+
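The group-based scheme described in the post, written up as an added POSIX shell example (not code from the original message or from the xlock project): it checks a binary's setuid/setgid bits, lists setuid files for an audit, and applies the setgid-shadow layout. The locker path, the group name shadow, and the availability of getent/groupadd are assumptions, and the apply mode must be run as root.

```shell
#!/bin/sh
# Added example, not part of the original post. Replaces setuid-root on a
# screen locker with setgid to a "shadow" group that alone may read /etc/shadow.
# Assumptions: binary path, Linux-style getent/groupadd, group name "shadow".
set -eu

BIN="${BIN:-/usr/X11R6/bin/xlock}"   # assumed location of the locker binary
SHADOW="${SHADOW:-/etc/shadow}"
GROUP="${GROUP:-shadow}"

# First ten characters of the ls -l mode string, e.g. "-rwsr-xr-x".
perm_string() { ls -ld "$1" | cut -c1-10; }

# Position 4 carries the setuid flag (s or S), position 7 the setgid flag.
is_setuid() { case "$(perm_string "$1")" in ???[sS]*) return 0 ;; *) return 1 ;; esac; }
is_setgid() { case "$(perm_string "$1")" in ??????[sS]*) return 0 ;; *) return 1 ;; esac; }

# Audit helper: print every regular file under $1 that has the setuid bit set.
list_setuid_files() { find "$1" -type f -perm -4000; }

# Number of setuid files under $1, for scripted checks.
count_setuid_files() { list_setuid_files "$1" | wc -l | tr -d ' '; }

# Apply the scheme (run as root): shadow file owned root:$GROUP with mode 0640,
# binary owned root:$GROUP with mode 2755 (setgid set, setuid cleared).
harden_locker() {
    bin="$1"; shadow="$2"; group="$3"
    getent group "$group" >/dev/null 2>&1 || groupadd "$group"
    chown root:"$group" "$shadow"
    chmod 0640 "$shadow"
    chown root:"$group" "$bin"
    chmod 2755 "$bin"
    # Verify: a flaw in the binary now yields group shadow, not uid 0.
    is_setgid "$bin" && ! is_setuid "$bin"
}

case "${1:-}" in
    --apply) harden_locker "$BIN" "$SHADOW" "$GROUP" ;;
    --audit) list_setuid_files "${2:-/usr/bin}" ;;
esac
```

Run with `--audit DIR` to list remaining setuid binaries, and with `--apply` (as root) to convert the locker.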