From: Brock Tellier <btellierat_private> > >This was my try to exploit myself. When I make the 'killall -8 xmonisdn' >my > >xmonisdn dies only with an Floating exception but it doesn't dump a core. > Good, it shouldn't. If you look at the original post, this person executed > those commands as root, which, on his system, allowed him to make the suid > xmonisdn dump core. xmonisdn won't dump core unless you are running it as > root. This isn't a security hole unless it were to dump core in a world > readable mode. Or in a directory writable by others, in which case files could get trashed. With O_NOFOLLOW in the core file open(), as it is in recent kernels, you now require hard links rather than symbolic links to achieve this. I've put O_EXCL in some of my kernels for this reason. -- ############################################################## # Antonomasia antat_private # # See http://www.notatla.demon.co.uk/ # ##############################################################
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:08:19 PDT