Bugtraq mailing list archives
Re: IFS hole?
From: jsz () ramon bgu ac il (Yonathan)
Date: Wed, 15 Dec 93 17:41:51 IST
abeckett () fmlrnd co uk has said
However, I agree with Peter that the LD_LIBRARY_PATH could be abused, but this is likely to be a general problem and not just one to do with programs that exec other programs.
It's not like it *COULD* be abused. Every man and his dog can abuse it. Give me SunOS, shared libraries & LD_* crap, I will give you root access, or something. sekurity. -- Jonathan jsz () sekurity netsys com jsz () crimelab com jsz () mtv com
Current thread:
- Re: IFS hole? Yonathan (Dec 15)
- Re: IFS hole? abeckett () fmlrnd co uk (Dec 15)
- <Possible follow-ups>
- Re: IFS hole? mark kraitchman (Dec 15)
- Re: IFS hole? Greg Woods (Dec 15)
- IFS hole? Karyn Pichnarczyk (Dec 15)
- Re: IFS hole? henry strickland (Dec 15)
- Re: IFS hole? Peter shipley (Dec 15)
- Re: IFS hole? Rik Harris (Dec 15)
- Re: IFS hole? Christopher Davis (Dec 17)