Re: Patch to prevent setuid bash shells

From: Niall Smart (njs3at_private)
Date: Mon Jun 01 1998 - 10:33:11 PDT

Next message: p00h: "Re: AOL for Windows DoS/Exploit"

Previous message: Invisi: "AOL for Windows DoS/Exploit"
Next in thread: Aleph One: "Re: Patch to prevent setuid bash shells"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On May 30,  1:04pm, aleph1at_private wrote:
} Subject: Patch to prevent setuid bash shells
> This patches bash 1.4.15 to prevent setuid root shells.  Of course, this
> does not totally secure a system.  A buffer overflow could run /bin/csh
> instead of /bin/sh, or any other command.

Apart from the fact that this patch is just plain stupid, there are
easier ways to do it.  All you need to do is modify bash so that it
doesn't accept --noprofile and then put all that crap in /etc/profile.
More flexible, but just as useless.  BTW the attacker doesn't even
need to use a different shell to get around this, he just setgid(0);
setuid(0); before exec'ing.

niall

Next message: p00h: "Re: AOL for Windows DoS/Exploit"
Previous message: Invisi: "AOL for Windows DoS/Exploit"
Next in thread: Aleph One: "Re: Patch to prevent setuid bash shells"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:56:20 PDT