Bugtraq mailing list archives
Re: Solaris 2.3 login
From: barr () pop psu edu (David Barr)
Date: Sun, 14 Aug 1994 19:36:40 -0400
In message <9408131143.AA04455@iridium>, "Christopher A. Stewart" writes:
abit..) Actually what it turns out to be is a process where the ruid != euid the system won't dump core for it.. So if the Solaris login is dumping core when someone envokes in on the command line, it must be doing a setuid(0) early in the code.. I wonder why?
Since login is invoked by root, it's not a security problem. (at least not in the usual sense of suid programs dumping core) The problem of login dumping core would be there even if login were not suid root. (and in many installations it isn't) When login gets invoked in normal logins (from getty, etc), ruid = euid. --Dave
Current thread:
- Re: Solaris 2.3 login, (continued)
- Re: Solaris 2.3 login richard oxbrow (Aug 12)
- Re: Solaris 2.3 login jatipper () vnet IBM COM (Aug 12)
- Re: Solaris 2.3 login Perry E. Metzger (Aug 12)
- Re: Solaris 2.3 login John DiMarco (Aug 12)
- Re: disabling login in V1 #14 Wm Randolph Franklin (Aug 18)
- Re: disabling login in V1 #14 matthew green (Aug 19)
- Re: disabling login in V1 #14 Wm Randolph Franklin (Aug 18)
- Re: Solaris 2.3 login Peter Wemm (Aug 12)
- Re: Solaris 2.3 login Evil Pete (Aug 12)
- Re: Solaris 2.3 login Marc W. Mengel (Aug 12)
- Re: Solaris 2.3 login Christopher A. Stewart (Aug 12)
- Re: Solaris 2.3 login David Barr (Aug 14)