Really nasty Linux security bug

troy fryman at sonic.net
Fri Oct 19 14:49:47 PDT 2001


A little clarification:
quote from the original advisory:

>        In order to exploit this kernel vulnerability, one needs a setuid
> root binary which execs an user-defined binary (or a shell). Newgrp is
> appropriate on most distributions.

For reference:
http://www.securityfocus.com/cgi-bin/archive.pl?id=1&mid=221337
http://www.securityfocus.com/cgi-bin/archive.pl?id=1&mid=221595

ptrace rides again...

-ta

On Fri, Oct 19, 2001 at 02:37:53PM -0700, troy wrote:
> 
> On Fri, Oct 19, 2001 at 02:31:36PM -0700, E Frank Ball wrote:
> 
> > The ptrace problem is easily fixed.  Log in as root and:
> > chmod u-s /usr/bin/newgrp       
> 
> Uhhhm, as i understand it the exploit requires a SUID binary.  newgrp is
> just a convenient helper, not the source of the problem.
> 
> -t




More information about the talk mailing list