oss-sec mailing list archives
Re: CVE request: oping allows the disclosure of arbitrary file contents
From: Tomas Hoger <thoger () redhat com>
Date: Tue, 17 Nov 2009 20:48:12 +0100
On Mon, 16 Nov 2009 17:39:30 -0500 (EST) Josh Bressers wrote:
> > Does the RLIMIT_NPROC trick work against oping, or any setuid app that
> > calls setuid(getuid())?
>
> This should work for everything that calls setuid()
>
> I have a little bit about this here:
> http://www.bress.net/blog/archives/34-setuid-madness.html

My previous web search did find that one. Though set_user() doing NPROC check is only called when new uid differs from current real uid (so not called in setuid(getuid()) case).

--
Tomas Hoger / Red Hat Security Response Team
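An added example, not part of the original message or of oping's source: a privilege drop for a setuid-root C program that treats a failed setuid(getuid()) as fatal and then verifies the resulting ids, so a failing call of the kind discussed in this thread cannot leave the process running with elevated ids. The function name `drop_privileges` is an assumption made for illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper: permanently drop to the caller's real uid/gid.
 * Returns 0 only when the drop succeeded AND was verified, -1 otherwise. */
int drop_privileges(void)
{
    uid_t ruid = getuid();
    gid_t rgid = getgid();

    /* Drop the group first: after the uid is gone we may lack the
     * privilege needed to change the gid. */
    if (setgid(rgid) != 0) {
        fprintf(stderr, "setgid: %s\n", strerror(errno));
        return -1;
    }
    /* Never ignore this return value: setuid() can fail, and a caller that
     * continues anyway keeps its elevated effective uid. */
    if (setuid(ruid) != 0) {
        fprintf(stderr, "setuid: %s\n", strerror(errno));
        return -1;
    }
    /* Verify instead of trusting the return code alone. */
    if (getuid() != ruid || geteuid() != ruid ||
        getgid() != rgid || getegid() != rgid)
        return -1;
    /* For an unprivileged caller, regaining root must now be impossible
     * (this also proves the saved set-user-ID was cleared). */
    if (ruid != 0 && (setuid(0) == 0 || seteuid(0) == 0))
        return -1;
    return 0;
}

int main(void)
{
    if (drop_privileges() != 0) {
        /* Fail closed: do not touch user-supplied files with leftover ids. */
        fprintf(stderr, "could not drop privileges, aborting\n");
        return EXIT_FAILURE;
    }
    printf("running as uid=%d euid=%d\n", (int)getuid(), (int)geteuid());
    return EXIT_SUCCESS;
}
```

Supplementary groups are left untouched here; a program that changed them while privileged would also need to reset them before the uid drop.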