Bugtraq mailing list archives

Re: MAGIC PIDs (was Re: magic??)

From: shipley () merde dis org (Pete Shipley)
Date: Thu, 02 Feb 1995 03:28:23 -0800


the other day, i happened to join a conversation about Unix security with
a couple of fellows at a local bookstore.  one of them mentioned the "magic"
hole.  i have heard mention of this hole before, but i assumed the hole
no longer existed.  apparently, this was a hole in /bin/login.

This is probably associated with the MAGIC PID SUBSYSTEM which has
been implemented on a number of popular UNIX's.  Basically processes
that acquire a MAGIC PID have special powers and can do 'magical' things.

If a hole is found in a program (such as /bin/login) which is executing
in a process with a MAGIC PID, it is said to have a 'magic hole'.

LINUX is generally recognised as having the most complete MAGIC PID
implementation.  The benefits of MAGIC PIDs was discussed widely on IRC's
#unix and #root about 12 months ago.  For more info, I guess you could
try the usenet LINUX or security groups.


gee like what magical things? please more detail..


                -Pete

Current thread:

magic?? robert owen thomas (Feb 01)
- MAGIC PIDs (was Re: magic??) Karl Strickland (Feb 01)
  - Passwords Rich (Feb 02)
  - Re: MAGIC PIDs (was Re: magic??) Pete Shipley (Feb 02)
    - Re: MAGIC PIDs (was Re: magic??) Reto Lichtensteiger (Feb 02)
    - SEX (fwd) Karl Strickland (Feb 02)
    - Re: SEX (fwd) Liat Yeow (Feb 03)
    - Re: SEX (fwd) John J. Kinyon (Feb 03)
    - Re: SEX (fwd) Aleph One (Feb 03)