PaulDotCom mailing list archives
Re: Privilege scalation with GNU ld dlopen
From: Joshua Wright <jwright () hasborg com>
Date: Tue, 09 Nov 2010 12:52:55 -0500
On 11/9/2010 11:19 AM, Xavier Garcia wrote:
One should be safe because users need admin rights to write there, but playing with setuid binaries is always dangerous.
On Tue, Nov 09, 2010 at 09:57:37AM -0500, Nicholas B. wrote:One would hope a system didn't allow just anyone to write to /lib/
Don't assume that /lib is the only path in LDPATH too. -Josh _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- Privilege scalation with GNU ld dlopen Xavier Garcia (Nov 05)
- Re: Privilege scalation with GNU ld dlopen Xavier Garcia (Nov 09)
- Re: Privilege scalation with GNU ld dlopen Nicholas B. (Nov 09)
- Re: Privilege scalation with GNU ld dlopen Xavier Garcia (Nov 09)
- Re: Privilege scalation with GNU ld dlopen Joshua Wright (Nov 10)
- Re: Privilege scalation with GNU ld dlopen Mike Patterson (Nov 10)
- Re: Privilege scalation with GNU ld dlopen Mike Patterson (Nov 10)
- Re: Privilege scalation with GNU ld dlopen Xavi Garcia (Nov 10)
- Re: Privilege scalation with GNU ld dlopen Nicholas B. (Nov 09)
- Re: Privilege scalation with GNU ld dlopen Xavier Garcia (Nov 09)