Re: Some ideas and concerns regarding fakeroot
>> Simple hack with such a preloaded library: Substitute a known password for
>> root in /etc/passwd and run su. Type the password and you are superuser.
>
>Why do you think this could possibly be done? Suid programs ignore
>LD_PRELOAD, won't that prevent this?
That prevents it. Just looked at the info file. Should have known that it
cannot be that simple. Maybe I can push my imagination a bit to come up
with another scenario later.
--- +++ --- +++ --- +++ --- +++ --- +++ --- +++ --- +++ ---
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org .
Trouble? e-mail to templin@bucknell.edu .
Reply to: