Bugtraq mailing list archives

Re: Possible Linuxconf Vulnerability


From: gonzo () RRNET COM (Patrick J. Volkerding)
Date: Sat, 1 May 1999 14:03:25 -0500


On Sat, 1 May 1999, Desync wrote:

> Where do you draw the line between poor system management and exploitable
> programs? If I set suid root on /bin/bash, is that to say it's an
> exploit?
>
> Obviously, someone would have to remove clock for this to occur. Which
> would conclude that either A) you had incorrect permissions for clock B)
> they had already used some means of another true exploit to cause other
> program to misbehave.

Not necessarily.  Maybe there was never a 'clock' on the system to begin
with;  since the real 'clock' binary was phased out of the util-linux
sources a year or so ago, what you get varies by Linux distribution.  On
Red Hat, 'clock' is a symbolic link to 'hwclock', a newer utility.  On
Slackware, we continue to maintain a 'clock' binary as part of our
util-linux package (in addition to the newer 'hwclock').  Other
distributions may not provide any binary or link for 'clock', relying
solely on 'hwclock'.

Take care,

Pat


