what a malicious local user can do using "nobody"'s privilege?
From: Rick Zhong (isc00801_at_nus.edu.sg)
Date: 09/27/03
- Previous message: David J. Jackson: "RE: protect MS Windows 95/98/Me"
- In reply to: Sutton, David: "Looking for some ideas on VPN and Dial Up Users and Virus protect ion."
- Next in thread: Jon Hart: "Re: what a malicious local user can do using "nobody"'s privilege?"
- Reply: Jon Hart: "Re: what a malicious local user can do using "nobody"'s privilege?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: <security-basics@securityfocus.com> Date: Sun, 28 Sep 2003 02:46:07 +0800
Hello all,
i am reading something about this vulnerablity (bugtraqid 8561) which lift
normal local user to have the nobody user privilege. Just wondering what
exactly can this nobody do? (to hurt the system)
Looks like nobody does not have much privilege and i can only find the
"locate" db is owned by "nobody" on my freebsd box. Besides this what other
things which a malicious local user can do only when he got the nobody
privilege? thanks.
regards,
Rick
---------------------------------------------------------------------------
----------------------------------------------------------------------------
- Previous message: David J. Jackson: "RE: protect MS Windows 95/98/Me"
- In reply to: Sutton, David: "Looking for some ideas on VPN and Dial Up Users and Virus protect ion."
- Next in thread: Jon Hart: "Re: what a malicious local user can do using "nobody"'s privilege?"
- Reply: Jon Hart: "Re: what a malicious local user can do using "nobody"'s privilege?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
