Re: init scripts and su

To: debian-devel@lists.debian.org
Cc: Thomas Hood <jdthood@yahoo.co.uk>
Subject: Re: init scripts and su
From: Russell Coker <russell@coker.com.au>
Date: Sat, 28 Aug 2004 22:41:01 +1000
Message-id: <[🔎] 200408282241.01948.russell@coker.com.au>
Reply-to: russell@coker.com.au
In-reply-to: <[🔎] 20040826070129.GA21101@yahoo.co.uk>
References: <[🔎] 20040826070129.GA21101@yahoo.co.uk>

On Thu, 26 Aug 2004 17:01, Thomas Hood <jdthood@yahoo.co.uk> wrote:
> Jan Minar wrote:
> > Has anyone made any progress in solving the su/sudo/super TIOCSTI
> > ioctl vulnerability?
>
> Am I correct in thinking that the vulnerability occurs when the
> admin runs "su foouser barcmd" from a shell *and* there is some
> compromised program running as user foouser which waits for this
> to happen and, when it does, injects characters into the admin's
> terminal to cause arbitrary commands to be executed with root
> privilege?

Yes.  Or alternately the admin runs "su - user" and the .login file for the 
account is trojaned.

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page

Reply to:

References:
- Re: init scripts and su
  - From: Thomas Hood <jdthood@yahoo.co.uk>

Prev by Date: Re: CHALLENGE-RESPONSE AGENTS DEEMED LETHAL! was (Re: Frank Carmickle and Marco Paganini must die)
Next by Date: Re: Incorrect use of "it's" in package control files -- file mass bug?
Previous by thread: Re: init scripts and su
Next by thread: PHP5?
Index(es):
- Date
- Thread