On Friday 2009 January 16 04:13:10 Michael Loftis wrote: >--On January 16, 2009 10:31:35 AM +0100 Andreas Matthus ><Andreas.Matthus@tu-dresden.de> wrote: >> But since some days I mull over a question: What happens if a user run >> a selfcopy from a program with a security hole? I'm afraid he can get >> root-rights. Isn't it? >In general, no. This requires an exploitable kernel bug. That said, there >have been some of these in the past, and new ones will likely be discovered >in the future, but that's far more rare. Anything you run as root should >only ever come from trusted sources for this reason. What about hardlinking the suid-root binaries to a hidden location, waiting for a security hole to be found/fixed, and then running the old binary to exploit the hole? Does dpkg handle suid/sgid files so that this is prevented? -- Boyd Stephen Smith Jr. ,= ,-_-. =. bss@iguanasuicide.net ((_/)o o(\_)) ICQ: 514984 YM/AIM: DaTwinkDaddy `-'(. .)`-' http://iguanasuicide.net/ \_/
Attachment:
signature.asc
Description: This is a digitally signed message part.