Re: chmod 111 — Linux Kernel

Linus Torvalds wrote:

In particular, it's fairly easy to create a shared library that replaces asystem library (LD_LIBRARY_PATH) and then just dumps out the binary image.

What prevents you from injecting a shared library and manipulating asuid executable? Does the environment get cleared when you exec a suidprogram? Or does the dynamic linker just notice euid != uid and ignorethe LD environment variables? If so then would adding the sgid bit andmaking the binary owned by a powerless group effectively prevent thisattack vector to read it?


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Follow-Ups:
- Re: chmod 111
  - From: Linus Torvalds <torvalds@osdl.org>

References:
- chmod 111
  - From: Nick Warne <nick@linicks.net>
- Re: chmod 111
  - From: Nick Warne <nick@linicks.net>
- Re: chmod 111
  - From: Steven Rostedt <rostedt@goodmis.org>
- Re: chmod 111
  - From: Linus Torvalds <torvalds@osdl.org>

Prev by Date: Re: oops in ext3_discard_reservation()
Next by Date: Re: [RESEND][PATCH] v9fs: print v9fs module address
Previous by thread: Re: chmod 111
Next by thread: Re: chmod 111
Index(es):
- Date
- Thread

[Index of Archives] [Kernel Newbies] [Netfilter] [Bugtraq] [Photo] [Stuff] [Gimp] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Video 4 Linux] [Linux for the blind] [Linux Resources]