Bugtraq mailing list archives

Re: Root compromise via zgv

From: alan () LXORGUK UKUU ORG UK (Alan Cox)
Date: Tue, 27 Oct 1998 14:08:41 +0000

Answer 1. Besides port access granted by ioperm/iopl, svgalib needs write
access to /dev/mem to operate. Therefore svgalib keeps an open
descriptor ( number three usually ) to /dev/mem ( is it true in all cases ?
can someone confirm that authoritatively ? ). So, we can modify our uid


[It does not need to, its yet another svgalib bug if it does.]

And the answer to svgalib as a whole is 'before installing this package
read back 2 years of bugtraq and tell me why you are installing it'

Alan

Current thread:

Root compromise via zgv Nergal (Oct 19)
- Similar Internet Explorer security problem Harry (Dec 31)
- Re: Firewall-1 Security Advisory David S. Goldberg (Oct 27)
- Re: Root compromise via zgv Alan Cox (Oct 27)