[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: init scripts and su

On Thu, 26 Aug 2004 17:01, Thomas Hood <jdthood@yahoo.co.uk> wrote:
> Jan Minar wrote:
> > Has anyone made any progress in solving the su/sudo/super TIOCSTI
> > ioctl vulnerability?
> Am I correct in thinking that the vulnerability occurs when the
> admin runs "su foouser barcmd" from a shell *and* there is some
> compromised program running as user foouser which waits for this
> to happen and, when it does, injects characters into the admin's
> terminal to cause arbitrary commands to be executed with root
> privilege?

Yes.  Or alternately the admin runs "su - user" and the .login file for the 
account is trojaned.

http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page

Reply to: