lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20031203202946.727B.0@argo.troja.mff.cuni.cz>
Date: Wed, 3 Dec 2003 20:36:10 +0100 (MET)
From: Pavel Kankovsky <peak@...o.troja.mff.cuni.cz>
To: Kyle Sallee <cromwell@...alab.unc.edu>
Cc: bugtraq@...urityfocus.com
Subject: Re: GNU screen buffer overflow


On Mon, 1 Dec 2003, Kyle Sallee wrote:

> > With devpts and libutempter it is possible to install fully functional
> > screen without suid/sgid.
> 
> Does that mean any program that links with libutempter gains
> complete suid/sgid root functionality, or only when executing 
> the functions in the libutempter library, please?

This means you do not need setuid root because devpts sets up the slave
pty owner and group automatically and you do not need direct access to
utmp/wtmp, e.g. via setgid utmp, because libtempter functions call an
external setgid utmp helper called utempter to modify those files (the
calling process is required to hold a corresponding master pty).

--Pavel Kankovsky aka Peak  [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resistance is futile. Open your source code and prepare for assimilation."



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ