PaulDotCom mailing list archives
Re: Privilege scalation with GNU ld dlopen
From: Mike Patterson <mike () snowcrash ca>
Date: Wed, 10 Nov 2010 10:07:45 -0500
On 10-11-09 12:52 PM, Joshua Wright wrote:
On 11/9/2010 11:19 AM, Xavier Garcia wrote:One should be safe because users need admin rights to write there, but playing with setuid binaries is always dangerous.On Tue, Nov 09, 2010 at 09:57:37AM -0500, Nicholas B. wrote:One would hope a system didn't allow just anyone to write to /lib/Don't assume that /lib is the only path in LDPATH too.
Do you often see it set to include directories that users can write to? That would greatly surprise me. Mike _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- Privilege scalation with GNU ld dlopen Xavier Garcia (Nov 05)
- Re: Privilege scalation with GNU ld dlopen Xavier Garcia (Nov 09)
- Re: Privilege scalation with GNU ld dlopen Nicholas B. (Nov 09)
- Re: Privilege scalation with GNU ld dlopen Xavier Garcia (Nov 09)
- Re: Privilege scalation with GNU ld dlopen Joshua Wright (Nov 10)
- Re: Privilege scalation with GNU ld dlopen Mike Patterson (Nov 10)
- Re: Privilege scalation with GNU ld dlopen Mike Patterson (Nov 10)
- Re: Privilege scalation with GNU ld dlopen Xavi Garcia (Nov 10)
- Re: Privilege scalation with GNU ld dlopen Nicholas B. (Nov 09)
- Re: Privilege scalation with GNU ld dlopen Xavier Garcia (Nov 09)