[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Some ideas and concerns regarding fakeroot

>> Simple hack with such a preloaded library: Substitute a known password for
>> root in /etc/passwd and run su. Type the password and you are superuser.
>Why do you think this could possibly be done? Suid programs ignore
>LD_PRELOAD, won't that prevent this?

That prevents it. Just looked at the info file. Should have known that it
cannot be that simple. Maybe I can push my imagination a bit to come up
with another scenario later.

--- +++ --- +++ --- +++ --- +++ --- +++ --- +++ --- +++ ---

TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Reply to: