On May 30, 1:04pm, aleph1at_private wrote: } Subject: Patch to prevent setuid bash shells > This patches bash 1.4.15 to prevent setuid root shells. Of course, this > does not totally secure a system. A buffer overflow could run /bin/csh > instead of /bin/sh, or any other command. Apart from the fact that this patch is just plain stupid, there are easier ways to do it. All you need to do is modify bash so that it doesn't accept --noprofile and then put all that crap in /etc/profile. More flexible, but just as useless. BTW the attacker doesn't even need to use a different shell to get around this, he just setgid(0); setuid(0); before exec'ing. niall
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:56:20 PDT