Bugtraq mailing list archives
Re: Red Hat 9: free tickets
From: Carlos Villegas <villegas () math gatech edu>
Date: Wed, 2 Jul 2003 17:07:29 -0400
This way of attack seems useless to me. This is also used on RH 8.0 systems, and for both 8.0 and 9 systems: drwx------ 4 root root 4096 Jun 27 08:43 /var/run/sudo Which means that if the packages are properly built (and will make sure that this directory gets this permissions if it existed before the rpm is installed), this attack will gain you nothing, since you need to be root to exploit it. If you can get root access to make this attack possible, then you might as well launch a shell instead. Carlos
Current thread:
- Red Hat 9: free tickets Michal Zalewski (Jul 02)
- Re: Red Hat 9: free tickets Carlos Villegas (Jul 02)
- Re: Red Hat 9: free tickets Michal Zalewski (Jul 02)
- Re: Red Hat 9: free tickets Carlos Villegas (Jul 02)