Bugtraq mailing list archives
Re: TESO & C-Skills development advisory -- imwheel
From: whitevampire () MINDLESS COM (WHiTe VaMPiRe)
Date: Sun, 19 Mar 2000 11:31:56 -0500
On Thu, Mar 16, 2000 at 02:38:47PM +0100, Sebastian(krahmer () CS UNI-POTSDAM DE) wrote: : TESO Security Advisory : 2000/03/13 : : imwheel local root compromise The Slackware package available from Linuxmafia.org (http://linuxmafia.org/pcentral/search_view.php3?name=imwheel) is not effected by this, as it does not package with the SUID wrapper. (The binary included is also not set SUID.) This is with version 0.9.6 of imwheel. A SUID wrapper should simply not be necessary in the first place. As far as I can tell the standard package of imwheel 0.9.7 does not have a wrapper. However, during 'installation,' it will prompt you asking whether or not to install SUID. An excerpt from the Makefile: ## Setting UID, this is best for non-root usage! ## This does not effect usage for root users. (duh!) ## This gives all users kill privileges for other imwheel processes. Judging from that, if you setup imwheel to be started via the users' xinit scripts, and killed upon logout, it would have the same function. To reiterate, SUID is just a quick cop-out for a better setup. If it is a one-user desktop machine, even less than that would have to be done. Regards, -- __ ______ ____ / \ / \ \ / / WHiTe VaMPiRe\Rem \ \/\/ /\ Y / whitevampire () mindless com \ / \ / http://www.projectgamma.com/ \__/\ / \___/ http://www.gammaforce.org/ \/ "Silly hacker, root is for administrators." <HR NOSHADE> <UL> <LI>application/pgp-signature attachment: stored </UL>
Current thread:
- TESO advisory -- wmcdplay krahmer () CS UNI-POTSDAM DE (Mar 11)
- Our old friend Firewall-1 Chris Brenton (Mar 11)
- Re: Our old friend Firewall-1 Hugo.van.der.Kooij () CAIW NL (Mar 14)
- Re: Our old friend Firewall-1 Chris Brenton (Mar 15)
- TESO & C-Skills development advisory -- imwheel Sebastian (Mar 16)
- Re: TESO & C-Skills development advisory -- imwheel WHiTe VaMPiRe (Mar 19)
- Re: Our old friend Firewall-1 Hugo.van.der.Kooij () CAIW NL (Mar 14)
- Re: TESO advisory -- wmcdplay Kris Kennaway (Mar 11)
- CSS Exploits + RDS (IE5) Shane Hird (Mar 12)
- Advisory Update: ServerIron TCP/IP predictability fixed Andrew van der Stock (Mar 12)
- Exploit for Mandrake 6.1 (PAM/userhelper bug) Paulo Ribeiro (Mar 14)
- Re: Exploit for Mandrake 6.1 (PAM/userhelper bug) Darron Froese (Mar 17)
- Re: Exploit for Mandrake 6.1 (PAM/userhelper bug) Matt Davis (Mar 17)
- Re: Exploit for Mandrake 6.1 (PAM/userhelper bug) Jeremy Gault (Mar 21)
- Oracle Web Listener 4.0.x Cerberus Security Team (Mar 14)
- Re: Advisory Update: ServerIron TCP/IP predictability fixed H D Moore (Mar 14)
- Re: Advisory Update: ServerIron TCP/IP predictability fixed Max Vision (Mar 16)
- Exploit for Mandrake 6.1 (PAM/userhelper bug) Paulo Ribeiro (Mar 14)
(Thread continues...)
- Our old friend Firewall-1 Chris Brenton (Mar 11)