getting vendors to fix security bugs
Guy Harris
guy at auspex.auspex.com
Fri Feb 22 07:03:41 AEST 1991
>BTW, what are the chances of hitting the window on the suid scripts?
Pretty good.
>By that I mean, suppose I have the perfect program to exploit it,
>which I've just compiled on a system where a suid script and the
>perfect conditions to exploit it exist. Isn't it true that
>(1) I have only a very small chance of winning,
No. The program I saw got in the window every time I tried it. It's a
question of when parent and child processes run; I forget whether it's
*guaranteed* to succeed on most UNIX implementations, or just extremely
*likely* to succeed.
>Has anyone actually successfully exploited this bug (of course I mean
>under test conditions, on your own machine, where you have root access anyway),
Yes.
More information about the Comp.unix.wizards
mailing list