Stephen, Andre is actually referring to a valid class of exploits there (there
are valid exploits to /bin/bash).
An old example was putting shellcode in a long pathname, creating a symlink to it
and tricking root to cd into it. But that's not the specific style he's
referring to obviously - that style usually lets you trigger off a shell script
and through that achieve the creation of a SUID root shell.
I'm just not sure exactly what he means by "shellstack memory push". Certainly not
a term I recall coming across, and in fact reputable security references and
search engines return no match.
David.
-- ---------------------------------------------- David Luyer Senior Network Engineer Pacific Internet (Aust) Pty Ltd Phone: +61 3 9674 7525 Fax: +61 3 9699 8693 Mobile: +61 4 1064 2258, +61 4 1114 2258 http://www.pacific.net.au NASDAQ: PCNTF << fast 'n easy >> ----------------------------------------------
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/