A security hole
Stephen J. Friedl
friedl at vsi.UUCP
Thu Mar 31 17:10:42 AEST 1988
In article <4212 at ihlpf.ATT.COM>, nevin1 at ihlpf.ATT.COM (00704a-Liber) writes:
} In article <544 at fig.bbn.com> rsalz at bbn.com (Rich Salz) writes:
} .Every single program that is subject to the "IFS" trick can be
} .protected by written a wrapper that sets the environment properly,
} .then calls the real program.
}
} But what stops the user from bypassing the wrapper and calling the real
} program directly?
The wrapper is setuid and the "real" program has its special
permissions removed. If you bypass the wrapper the best you
can do is break your own usercode :-).
--
Steve Friedl V-Systems, Inc. *Hi Mom*
friedl at vsi.com {uunet,ihnp4}!vsi.com!friedl attmail!friedl
More information about the Comp.bugs.sys5
mailing list