Bugtraq mailing list archives
Re: Wiping out setuid programs
From: niall () POBOX COM (Niall Smart)
Date: Tue, 12 Jan 1999 17:03:22 +0000
I thought this one was laid to rest last year in the "Dump a mode --x--x--x binary on Linux 2.0.x" thread, wherein Martin Mares summarised:

  Semantics of unreadable files is well-defined at file level (i.e., it's defined you cannot read() them), but not at any other level. No standard guarantees you that contents of such binaries are not accessible in any other way

For the record, the same caveat applies to the semantics of the immutable file flag, i.e. files with the immutable and executable file flags do not lead to immutable processes.

For more see: http://www.pobox.com/~niall/adv/seclvl.txt

Regards,

Niall