Re: Got root?
A few quick searches on google turned up some rather interesting
kernel patches...
sockfs:
http://users.ox.ac.uk/~mbeattie/linux-kernel.html
I'm not quite sure what to make of this. Very interesting, but
I can't imagine having 1024 numbers/socket representations in a
directory is the best way to configure something..
GID split privilege patch:
http://the.wiretapped.net/security/info/textfiles/phrack/phrack52.txt
Not as granular; apparently, the gids are hardcoded, so setgid binaries
are needed.
On Wed, May 02, 2001 at 01:17:17AM +0000, Ken Seefried wrote:
>
> Forgive my off & on following of this thread; this may have been mentioned.
>
> Wasn't there a kernel patch at one point detailed in Phrack or some such
> that bound the opening of certain priviledged ports to membership in certain
> groups? That is, if you belonged to group id 20 (say), you could open port
> 80 (say). This allowed otherwise SUID 0 programs to be run as non-priv
> users. I want to say that Solar Designer came up with it, but I can't seem
> to find the reference to it (in a cursory search).
>
> Seemed reasonable at the time, although certainly not as elegant as full
> privs (which didn't exist back then). Anyone remeber that?
>
> Ken Seefried, CISSP
>
>
> --
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>
--
"... being a Linux user is sort of like living in a house inhabited
by a large family of carpenters and architects. Every morning when
you wake up, the house is a little different. Maybe there is a new
turret, or some walls have moved. Or perhaps someone has temporarily
removed the floor under your bed." - Unix for Dummies, 2nd Edition
-- found in the .sig of Rob Riggs, rriggs@tesser.com
Reply to: