Bugtraq mailing list archives
Re: Root compromise via zgv
From: alan () LXORGUK UKUU ORG UK (Alan Cox)
Date: Tue, 27 Oct 1998 14:08:41 +0000
Answer 1. Besides port access granted by ioperm/iopl, svgalib needs write access to /dev/mem to operate. Therefore svgalib keeps an open descriptor ( number three usually ) to /dev/mem ( is it true in all cases ? can someone confirm that authoritatively ? ). So, we can modify our uid
[It does not need to, its yet another svgalib bug if it does.] And the answer to svgalib as a whole is 'before installing this package read back 2 years of bugtraq and tell me why you are installing it' Alan
Current thread:
- Root compromise via zgv Nergal (Oct 19)
- Similar Internet Explorer security problem Harry (Dec 31)
- Re: Firewall-1 Security Advisory David S. Goldberg (Oct 27)
- Re: Root compromise via zgv Alan Cox (Oct 27)