Re: 'export RESOLV_HOST_CONF= any file you want' local vulnerability

To: debian-security@lists.debian.org
Subject: Re: 'export RESOLV_HOST_CONF= any file you want' local vulnerability
From: Carlos Carvalho <carlos@fisica.ufpr.br>
Date: Tue, 9 Jan 2001 09:41:22 -0200
Message-id: <[🔎] 14938.63714.421143.27854@hoggar.fisica.ufpr.br>
In-reply-to: <[🔎] 20010109110855.A4036@polya>
References: <[🔎] Pine.LNX.4.31.0101081331280.20955-100000@io.88.net> <[🔎] Pine.LNX.4.31.0101081752230.25739-100000@io.88.net> <[🔎] 20010109110855.A4036@polya>

Julian Gilbey (J.D.Gilbey@qmw.ac.uk) wrote on 9 January 2001 11:08:
 >Most weird. I get this behaviour when running through a setuid root
 >strace, but I don't get the error messages (and hence the content of
 >/etc/shadow) when I don't use strace. I'm still running potato.

You can't strace a suid root binary if you're not root, so this isn't
a security problem.

Reply to:

References:
- 'export RESOLV_HOST_CONF= any file you want' local vulnerability
  - From: thomas lakofski <thomas@88.net>
- Re: 'export RESOLV_HOST_CONF= any file you want' local vulnerability
  - From: thomas lakofski <thomas@88.net>
- Re: 'export RESOLV_HOST_CONF= any file you want' local vulnerability
  - From: Julian Gilbey <J.D.Gilbey@qmw.ac.uk>

Prev by Date: Re: 'export RESOLV_HOST_CONF= any file you want' local vulnerability
Next by Date: rpc.statd attack?
Previous by thread: Re: 'export RESOLV_HOST_CONF= any file you want' local vulnerability
Next by thread: IP spoofing protection
Index(es):
- Date
- Thread