Bugtraq mailing list archives

Re: Yesterday this would have worked... (fwd)

From: newsham () wiliki eng hawaii edu (Timothy Newsham)
Date: Sat, 17 Dec 1994 08:50:51 -1000 (HST)

Looks to me as though exec() sets the UID on the process per setuid
bits before it checks for arguments too long, and doesn't take care to
undo this properly in that case.

[..]


Depends on where the bug came from.  If it's one of those ever-since-V7
bugs it should be widespread; if it's a fumble-fingers mistake from
BSDI it's probably not elsewhere.  I'm sure everyone can imagine
variations.  I'm certainly going to test _my_ systems!


It might be a fumble at sctc when adding the type system.  Ie:
exec() sets type to mail, exec fails, type remains in place.

                                      der Mouse
                          mouse () collatz mcrcim mcgill edu

Current thread:

Yesterday this would have worked... (fwd) Matthew Harding (Dec 16)
- <Possible follow-ups>
- Re: Yesterday this would have worked... (fwd) der Mouse (Dec 17)
  - Re: Yesterday this would have worked... (fwd) Timothy Newsham (Dec 17)
  - Sun Patch Id #102060-01 Mitch Wright (Dec 18)
    - Re: Sun Patch Id #102060-01 Alain Durand (Dec 19)
    - Re: Sun Patch Id #102060-01 Karl Strickland (Dec 19)