Vulnerability Development mailing list archives
Re: question on an exploit
From: Ed Rolison <ed.rolison () byzantium com>
Date: Mon, 21 May 2001 16:19:51 +0100 (BST)
Could the filesystem be mounted no-setuid? This is a fairly common feature because basically in user space there's rarely a need for setuid binaries. actually, come to think of it, you might need the program to make a 'setuid(0)' system call. Otherwise it'll not try and grab the higher permissions. (as an example, stick a setuid flag on a shell, and then run it. IIRC it doesn't change uid.
Current thread:
- question on an exploit roland kwitt (May 21)
- AW: question on an exploit ConKing (May 21)
- Re: question on an exploit Neil Macvicar (May 21)
- <Possible follow-ups>
- RE: question on an exploit SardaƱons , Eliel (May 21)
- Re: question on an exploit Ed Rolison (May 21)