Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: numerous free/paid account systems are vulnerable to privledgeselevation attacks

From: Alexander Schreiber <alexander.schreiber () INFORMATIK TU-CHEMNITZ DE>
Date: Sat, 11 Nov 2000 00:01:13 +0100
Hi!

On Fri, 10 Nov 2000, Michal Zalewski wrote:


This problem is not related to any specific product or solution, but
affects pretty huge part of the ISP installations. The problem is a direct
effect of the default account creation policy launched by OpenBSD, RedHat,
and some other vendors, where every user has it's own, corresponding gid.


Debian 2.2 (potato) default install checks for this:

<cite>

boromir:~# adduser kmem
adduser: The group `kmem' already exists.

</cite>

You can create such a user with the useradd tool, but useradd defaults
to give this user gid 100 (users). You can of course explicitly specify
group kmem, but then
 - you are root,
 - you use useradd instead of the do-all-and-be-happy adduser
so you can be expected to know what you are doing.

Regards,
       Alex.

--
------------------------------------------------------------------------------
 EMail : als () thangorodrim de              | WWW : http://www.thangorodrim.de/
 "I think there's a world market for about five computers."
         -- attr. Thomas J. Watson (Chairman of the Board, IBM), 1943
Previous By Date Next
Previous By Thread Next

Current thread: