Bugtraq mailing list archives
Semaphores/Setuid root... problem?
From: pwh () bradley bradley edu (Pete Hartman)
Date: Thu, 9 Feb 95 16:15:28 -0600
I just discovered that an engineering package I've installed relies on a product called "interbase" that, in addition to being stupidly unable to run correctly from/on NFS filesystems, seems to require setuid root/setgid bin programs that manage software via semaphores. This seems a ridiculous requirement--are root/bin privs *really* necessary to use semaphores under SunOS 4.1.3? More importantly, does anyone know of any way to subvert semaphores themselves when running as root? It's unclear looking at this software so far whether it honors any command line arguments, but from preliminary tracing, I'm inclined to think not (but I have a request in to the vedor to verify both the necessity of setuid and the operation of the programs). If this is an inappropriate question for this list, I'd appreciate if the moderator would let me know rather than simply dropping me. It seems relevant to me, and if it isn't perhaps some more specific guideliness would be in order....
Current thread:
- Re: Request for discussion., (continued)
- Re: Request for discussion. Aleph One (Feb 07)
- Re: Request for discussion. Julian Assange (Feb 08)
- Re: Request for discussion. Casper Dik (Feb 08)
- Re: Request for discussion. Karl Strickland (Feb 08)
- Re: Request for discussion. Casper Dik (Feb 08)
- Sniffer FAQ Christopher Klaus (May 27)
- Security FAQes Update Christopher Klaus (May 27)
- Re: Request for discussion. Silicon Avatar (Feb 09)
- X authentication Timothy Newsham (Feb 09)
- Re: X authentication Stephen Gildea (Feb 10)
- Semaphores/Setuid root... problem? Pete Hartman (Feb 09)