Quoting Colm MacCarthaigh (colm at stdlib.net):
> On Tue, Feb 03, 2004 at 10:01:22AM -0800, Rick Moen wrote:
> > This is why we sysadmins teach people to say "/bin/su" when su'ing to
> > root. Eh, you never learned that? Sorry to hear.
>> Exec to a new shell that ignores that, whatever, it doesn't matter.
Mercy me, which MUA not only execs a new shell, but then attempts to run
su from it? Please let us know.
> The principle remains the same, once you have compromised a root
> holders account, root is next, in pretty short order. It's not hard,
> there are many many trivial ways.
Your hand waves have just gotten about an order of magnitude more vague.
> There are *no* serious difficulties. Once you have a root users
> account, you're there.
Sorry, telling me that you might in some hypothetical vulnerability
scenario theoretically change an alias value within the shell of some
MUA, which might then be lead to run the wrong process in place of su,
if hypothetically it could be induced to attempt to run su, rather
completely fails to be an example.
> Replace their shell, replace their binaries, invade their memory,
> LD_PRELOAD, whatever you like. There are zero barriers to you getting
> access to everything they do.
Sure, it's a simple matter of posting rubbish to mailing lists. Noting
could possibly be more elementary!
Cheers, The cynics among us might say: "We laugh,
Rick Moen monkeyboys -- Linux IS the mainstream UNIX now!
rick at linuxmafia.com MuaHaHaHa!" but that would be rude. -- Jim Dennis
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!