Re: Is there something that can be done against this ???

Peter T. Breuer (ptb@it.uc3m.es)
Mon, 13 Aug 2001 21:24:06 +0200 (CEST)


"A month of sundays ago Mircea Ciocan wrote:"
> P.S. Please tell me that I'm just being parnoid and that crap didn't
> work on your systems with a lookalike configuration.

It doesn't work. It just looks like it does to the viewer!

The "exploit" is a loadable shared library that replaces the
getuid, geteuid, getgid and getegid functions with dummies that
always return 0. So the code in bash that looks up the
prompt and all thatgoes and looks up roots .profile. The result is
that you get what looks like a root prompt, and your calls to
id return 0 :-)

But it can't really change uid. Try touching a file in / !

Peter
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/