Vulnerability Development mailing list archives

Re: /lib/ld-2.2.4.so

From: Eric Rostetter <eric.rostetter () physics utexas edu>
Date: Tue, 23 Apr 2002 09:12:43 -0500

Quoting Sabau Daniel <draven () UBBCluj Ro>:

      This file gives users the ability of running binaries on witch the 
user doesn't have the permission to execute, it is enough to have read 
ability on the file in order to execute it:

-rwxr-xr--    1 root     root        45948 Aug  9  2001 /bin/ls

but using the /lib/ld-2.2.4.so file i can execute the ls command:

[08:51:36][draven@Zero:~]:$/lib/ld-2.2.4.so /bin/ls /
bin   bzImage   bzImage3  bzImage5  dev  home    lib   mnt  proc  sbin  
usr
boot  bzImage2  bzImage4  bzImage6  etc  initrd  misc  opt  root  tmp   
var


This is a old, known issue.  I've known about it for about 2 years, and
I'm sure others have known about it longer.  It makes an appearance on
a mailing list about once a year.

I know of no solution though to all the problems this brings up.

-- 
Eric Rostetter
eric.rostetter () physics utexas edu

Hey Rocky!  Watch me pull a rabbit from my hat!

Current thread:

/lib/ld-2.2.4.so Sabau Daniel (Apr 22)
- RE: /lib/ld-2.2.4.so Tech Support (Apr 24)
  - Re: /lib/ld-2.2.4.so Marlon Jabbur (Apr 24)
- Re: /lib/ld-2.2.4.so Eric Rostetter (Apr 24)
- Re: /lib/ld-2.2.4.so Olaf Kirch (Apr 24)
  - Re: /lib/ld-2.2.4.so Bill Weiss (Apr 24)
    - Re: /lib/ld-2.2.4.so Kurt Seifried (Apr 25)
    - Re: /lib/ld-2.2.4.so Robert A. Seace (Apr 25)
    - nobody suid shell (kind of relationship with the ld-2.2.4 thread...) Anibal Ambertin (Apr 26)
    - Re: nobody suid shell (kind of relationship with the ld-2.2.4 thread...) c0n (Apr 26)
    - Re: nobody suid shell (kind of relationship with the ld-2.2.4 thread...) Bill Weiss (Apr 26)
    - Re: nobody suid shell (kind of relationship with the ld-2.2.4 thread...) Jim Nanney (Apr 26)
    - Re: /lib/ld-2.2.4.so Florian Weimer (Apr 26)
  - Re: /lib/ld-2.2.4.so FozZy (Apr 24)

(Thread continues...)