
Bug#357561: privilege escalation hole



The description given is somewhat incorrect. The escalation exists
whether run with -F or not. 033_-F_NOSETSID disables running setsid in
all cases. This means that running /etc/init.d/apache start and then not
closing the terminal (and people do have long-running shells like this)
leaves you vulnerable---this has been verified by Richard Thrippleton.

I've tested my patch and it closes this vulnerability while still
allowing use of apache with -F. Please could someone upload the NMU I
linked to above.

Thanks,
Matt

--
Matthew Johnson
http://www.matthew.ath.cx/
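
The following check is an added example, not part of the original message or of the Debian patch. A daemon that never calls setsid stays in the session of the shell that started it and keeps that shell's controlling terminal, which shows up as a non-zero `tty_nr` in `/proc/<pid>/stat`. The process name `apache`, the helper names and the sample lines are assumptions made for illustration.

```python
import os
from typing import List, NamedTuple, Tuple

class ProcSession(NamedTuple):
    pid: int
    comm: str
    session: int
    tty_nr: int

def parse_stat(line: str) -> ProcSession:
    """Parse one /proc/<pid>/stat line (field layout per proc(5))."""
    # comm sits in parentheses and may contain spaces or ')': split on the LAST ')'.
    head, _, tail = line.rpartition(")")
    pid_str, _, comm = head.partition("(")
    rest = tail.split()  # rest[0]=state, [1]=ppid, [2]=pgrp, [3]=session, [4]=tty_nr
    return ProcSession(int(pid_str), comm, int(rest[3]), int(rest[4]))

def tty_dev(tty_nr: int) -> Tuple[int, int]:
    """Decode tty_nr into (major, minor): major is bits 15-8, minor bits 31-20 and 7-0."""
    return (tty_nr >> 8) & 0xFF, (tty_nr & 0xFF) | ((tty_nr >> 12) & 0xFFF00)

def daemons_with_tty(stat_lines: List[str], names=("apache",)) -> List[ProcSession]:
    """Return processes named in `names` that still have a controlling terminal."""
    procs = [parse_stat(l) for l in stat_lines if l.strip()]
    return [p for p in procs if p.comm in names and p.tty_nr != 0]

def live_stat_lines() -> List[str]:
    """Read every /proc/<pid>/stat on a Linux host, skipping processes that exit mid-scan."""
    lines = []
    for entry in os.listdir("/proc"):
        if entry.isdigit():
            try:
                with open(f"/proc/{entry}/stat") as fh:
                    lines.append(fh.read())
            except OSError:
                continue
    return lines

# Constructed sample lines (truncated after tpgid), not captured from a real host.
SAMPLE_STAT_LINES = [
    "4321 (apache) S 1 4321 4300 34816 4300",   # still in the shell's session 4300, tty 136:0
    "5000 (apache) S 1 5000 5000 0 -1",         # detached: own session, no tty
    "6000 (my (odd) proc) S 1 6000 6000 0 -1",  # comm containing spaces and parentheses
]

if __name__ == "__main__":
    lines = live_stat_lines() if os.path.isdir("/proc") else SAMPLE_STAT_LINES
    for p in daemons_with_tty(lines):
        print(f"pid {p.pid} ({p.comm}): session {p.session}, tty {tty_dev(p.tty_nr)}")
```

Any process this reports is still attached to a terminal and should be restarted from a build that calls setsid.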


