Date:      Tue, 10 Jun 1997 21:40:01 +0200
From:      Ollivier Robert <roberto@keltia.freenix.fr>
To:        freebsd-security@FreeBSD.ORG
Subject:   suid exploit (??)
Message-ID:  <19970610214001.05348@keltia.freenix.fr>
In-Reply-To: <199706102254.WAA02221@FreeBSD.cs.nccu.edu.tw>; from Yuang Shuang-Long on Tue, Jun 10, 1997 at 10:54:54PM +0000
References:  <199706102254.WAA02221@FreeBSD.cs.nccu.edu.tw>

According to Yuang Shuang-Long:
> 	I have trouble in that some users use the following prog. to get
>   root privilege, and furthermore they do some destructive things (e.g.
>   delete some files in /var/log/* :-( ). I need your help...

I'm afraid I don't see how they can get root privs with this unless you
have made it setuid root.

The following lines can be executed only by root to succeed. This is on
3.0-CURRENT. To my knowledge, setuid/setgid has always been restricted to
root (unless you want to become yourself).

> 	if(setgid(pw->pw_gid) == -1)
> 		perror("setgid");
> 	if(setuid(pw->pw_uid) == -1)
> 		perror("setuid");

-- 
Ollivier ROBERT -=- FreeBSD: There are no limits -=- roberto@keltia.freenix.fr
FreeBSD keltia.freenix.fr 3.0-CURRENT #18: Sun Jun  8 15:32:28 CEST 1997
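
Added example, not part of the original message or of the program under discussion: a small C check of the behaviour described above, running the quoted setgid()/setuid() sequence in a forked child once with the caller's own ids and once with different ids. The names `try_switch` and `other_id` and the target ids 1 and 2 are assumptions made up for this illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Run the quoted sequence (setgid, then setuid) in a forked child so the
 * caller's own credentials are never changed. Returns 0 if both calls
 * succeeded, the errno of the first failing call, or -1 if the child
 * could not be run. */
int try_switch(uid_t uid, gid_t gid)
{
    int status;
    pid_t pid = fork();

    if (pid < 0)
        return -1;
    if (pid == 0) {
        /* The quoted fragment only calls perror() on failure; here the
         * child stops and reports errno through its exit status. */
        if (setgid(gid) == -1)
            _exit(errno);
        if (setuid(uid) == -1)
            _exit(errno);
        _exit(0);
    }
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status);
}

/* Constructed target: an id guaranteed to differ from the one passed in. */
unsigned other_id(unsigned id) { return id == 1 ? 2 : 1; }

int main(void)
{
    int self = try_switch(getuid(), getgid());
    int other = try_switch(other_id(getuid()), other_id(getgid()));

    printf("euid=%u\n", (unsigned)geteuid());
    printf("switch to own ids:   %s\n", self ? strerror(self) : "ok");
    printf("switch to other ids: %s\n", other ? strerror(other) : "ok");
    return 0;
}
```

Run as an ordinary user, the second line reports an error; it can only report "ok" when the process already runs with root privileges, for example because the binary was installed setuid root.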


