Re: Some ideas and concerns regarding fakeroot

To: Joey Hess <joey@kite.ml.org>
Cc: debian-devel@lists.debian.org, fakeroot@packages.debian.org
Subject: Re: Some ideas and concerns regarding fakeroot
From: Christoph Lameter <clameter@waterf.org>
Date: Sat, 6 Sep 1997 17:27:11 -0700 (PDT)
Message-id: <[🔎] Pine.LNX.3.96.970906172419.1859A-100000@waterf.org>
In-reply-to: <[🔎] 19970906200759.18019@kite>

>> Simple hack with such a preloaded library: Substitute a known password for
>> root in /etc/passwd and run su. Type the password and you are superuser.
>
>Why do you think this could possibly be done? Suid programs ignore
>LD_PRELOAD, won't that prevent this?

That prevents it. Just looked at the info file. Should have known that it
cannot be that simple. Maybe I can push my imagination a bit to come up
with another scenario later.

--- +++ --- +++ --- +++ --- +++ --- +++ --- +++ --- +++ ---


--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Reply to:

Follow-Ups:
- Re: Some ideas and concerns regarding fakeroot
  - From: Joey Hess <joey@kite.ml.org>

References:
- Re: Some ideas and concerns regarding fakeroot
  - From: Joey Hess <joey@kite.ml.org>

Prev by Date: Re: Some ideas and concerns regarding fakeroot
Next by Date: Re: Some ideas and concerns regarding fakeroot
Previous by thread: Re: Some ideas and concerns regarding fakeroot
Next by thread: Re: Some ideas and concerns regarding fakeroot
Index(es):
- Date
- Thread