Open Source and information security mailing list archives
 
Date: Wed, 2 Jul 2003 17:07:29 -0400
From: Carlos Villegas <villegas@...h.gatech.edu>
To: Michal Zalewski <lcamtuf@...ttot.org>
Subject: Re: Red Hat 9: free tickets



This way of attack seems useless to me. This is also used on RH 8.0
systems, and for both 8.0 and 9 systems:

drwx------    4 root     root         4096 Jun 27 08:43 /var/run/sudo

Which means that if the packages are properly built (and will make sure 
that this directory gets these permissions if it existed before the
rpm is installed), this attack will gain you nothing, since you need
to be root to exploit it. If you can get root access to make this
attack possible, then you might as well launch a shell instead.

Carlos
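
Added example, not part of the original message: a shell check for the condition the message relies on, namely that the ticket directory is a real directory owned by root with no group or other access, including the case where it already existed before the package was installed. The function name audit_ticket_dir and its optional expected-owner argument are assumptions of this example, and it uses GNU stat as shipped on Red Hat systems.

```shell
#!/bin/sh
# Added example: audit a sudo timestamp ("ticket") directory.
# Assumes GNU stat (coreutils). The function name is hypothetical.
#
# Usage: audit_ticket_dir /var/run/sudo
#
# audit_ticket_dir DIR [EXPECTED_UID]
# Prints a verdict and returns 0 only if DIR is a real directory (not a
# symlink), owned by EXPECTED_UID (default 0, root), and its mode grants
# nothing to group or other (e.g. drwx------).
audit_ticket_dir() {
    dir=$1
    want_uid=${2:-0}

    # A symlink could redirect ticket files somewhere less protected.
    if [ -L "$dir" ]; then
        echo "FAIL: $dir is a symlink"
        return 1
    fi
    if [ ! -d "$dir" ]; then
        echo "FAIL: $dir is missing or not a directory"
        return 1
    fi

    owner=$(stat -c '%u' "$dir")   # numeric owner
    mode=$(stat -c '%a' "$dir")    # octal mode, e.g. 700

    if [ "$owner" != "$want_uid" ]; then
        echo "FAIL: $dir owned by uid $owner, expected $want_uid"
        return 1
    fi
    # Any bit set in the group/other positions gives non-owners access.
    if [ $(( 0$mode & 077 )) -ne 0 ]; then
        echo "FAIL: $dir mode $mode grants group/other access"
        return 1
    fi
    echo "OK: $dir uid=$owner mode=$mode"
    return 0
}
```

The second argument exists only so the check can be exercised on a scratch directory without root; on a real system, call it with the directory alone.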


