Date: Tue, 10 Jun 1997 21:40:01 +0200 From: Ollivier Robert <roberto@keltia.freenix.fr> To: freebsd-security@FreeBSD.ORG Subject: suid exploit (??) Message-ID: <19970610214001.05348@keltia.freenix.fr> In-Reply-To: <199706102254.WAA02221@FreeBSD.cs.nccu.edu.tw>; from Yuang Shuang-Long on Tue, Jun 10, 1997 at 10:54:54PM %2B0000 References: <199706102254.WAA02221@FreeBSD.cs.nccu.edu.tw>
next in thread | previous in thread | raw e-mail | index | archive | help
According to Yuang Shuang-Long: > I have a trouble that some users use the following prog. to get > root privilege, and the more they do some destructive thing. (eg. > delete some file /var/log/* :-( ) I need your help... I'm afraid I don't see how they can get root privs with this unless you have made it setuid root. The following lines can't executed only by root to succeed. This is on 3.0-CURRENT. To my knowledge, setuid/setgid has always been restricted to root (unless you want to become yourself). > if(setgid(pw->pw_gid) == -1) > perror("setgid"); > if(setuid(pw->pw_uid) == -1) > perror("setuid"); -- Ollivier ROBERT -=- FreeBSD: There are no limits -=- roberto@keltia.freenix.fr FreeBSD keltia.freenix.fr 3.0-CURRENT #18: Sun Jun 8 15:32:28 CEST 1997
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19970610214001.05348>