Re: RAZOR advisory: Linux util-linux chfn local root vulnerability
From: Andreas Beck (becka@uni-duesseldorf.de)Date: 07/31/02
- Previous message: gobbles@hushmail.com: "The SUPER Bug"
- In reply to: Andrew Pimlott: "Re: RAZOR advisory: Linux util-linux chfn local root vulnerability"
- Next in thread: Szemkel: "Re: RAZOR advisory: Linux util-linux chfn local root vulnerability"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 31 Jul 2002 09:11:20 +0200 From: Andreas Beck <becka@uni-duesseldorf.de> To: bugtraq@securityfocus.com
Andrew Pimlott <andrew@pimlott.net> wrote:
> > > If he is smart, he will check whether the file is open (eg with fuser)
> > Not really. The file does not have to be open to be present in the system.
> > It is prefectly possible to leave a dangling root-owned file several
> > times,
> Correct, but: the admin should still verify that it is not open
> before deleting it (in his cron job).
As long as there is no atomic "check-if-file-is-open-and-if-not-delete-it"
this just makes exploitation harder by introducing another race condition.
CU, Andy
-- = Andreas Beck | Email : <becka@bedatec.de> =
- Previous message: gobbles@hushmail.com: "The SUPER Bug"
- In reply to: Andrew Pimlott: "Re: RAZOR advisory: Linux util-linux chfn local root vulnerability"
- Next in thread: Szemkel: "Re: RAZOR advisory: Linux util-linux chfn local root vulnerability"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
