Vulnerability Development mailing list archives
Re: SUID server
From: antirez <antirez () linuxcare com>
Date: Mon, 20 Jan 1997 23:32:59 +0100
On Sun, Oct 01, 2000 at 11:34:24AM +0100, Adam Langley wrote:
Despite many peoples best efforts over many years, it seems that SUID programs cannot ever be secure. Just recently we have the traceroute bug - how long has traceroute been around?
SUID are often a problem _if_ bad coded, but I want to know what is the excuse if traceroute does not drop privileges after the raw socket and the data link layer are open. To send arbitrary packets or to sniff the net isn't bad as to gain root. All guys in this list are able to audit 10 lines of code: open the special sockets, drop privileges, do the work, so what's the problem with traceroute? It's a suid shipped with all OSes for years that does not follows a secure programming FAQ: Drop the privileges ASAP if you can. The same problem with the ping program, that was too often target of vulnerabilities (bofs, sig allarm bomb, ...). regards, antirez -- Salvatore Sanfilippo, Open Source Developer, Linuxcare Italia spa +39.049.80 43 411 tel, +39.049.80 43 412 fax antirez () linuxcare com, http://www.linuxcare.com/ Linuxcare. Support for the revolution.
Current thread:
- SUID server Adam Langley (Oct 01)
- Re: SUID server antirez (Oct 02)
- Re: SUID server Philipp Buehler (Oct 02)
- Re: SUID server J C Lawrence (Oct 02)
- Re: SUID server Philipp Buehler (Oct 03)
- Re: SUID server J C Lawrence (Oct 02)
- <Possible follow-ups>
- Re: SUID server Kay Three (Oct 10)