Who dat?
Ka Kahula
matt at oddjob.UChicago.EDU
Fri Jul 22 04:31:57 AEST 1988
) In article <3789 at rpp386.UUCP>, jfh at rpp386.UUCP (John F. Haugh II) writes:
) > have the client create a file with the suid and sgid bits set. ...
In article <51 at minya.UUCP> jc at minya.UUCP (John Chambers) writes:
) Let's see, what I do when you ask my process A to create this file is
) to have a program B sitting around that is setuid/setgid to whomever
) I want you to think A is; ...
If you have this program B, you can impersonate your victim completely.
Why not just assume that you have your victim's password? It comes
to the same thing.
A would start up B as a subprocess, with the
) > this should be fully fool proof.
)
) Careful who you call a fool, boy!
No error in this case.
________________________________________________________
Matt Crawford matt at oddjob.uchicago.edu