Re: procfs hole

Brian Mitchell (brian@FIREHOUSE.NET)
Sun, 10 Aug 1997 14:38:41 -0400

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: JeBe: "Program To decrypt password in ws_ftp.ini"
Previous message: Jonathan A. Zdziarski: "Re: procfs hole"
Maybe in reply to: Brian Mitchell: "procfs hole"
Next in thread: Alex: "Re: procfs hole"

On Sun, 10 Aug 1997, Jonathan A. Zdziarski wrote:

This would be a horrible solution. Someone is just going to chose another
function to overwrite and do a setuid(0) and execve() of some shell.

> Would disabling bash and sh (and any other shells that allowed this) be a
> good temporary solution? I've noticed you have to have it set as your
> default shell, so removing it from /etc/shells could prevent this. It's
> either that or disbale procfs (and I'm still not sure what the effects of
> that would be)
>
>
> -------------------------------------------------------------------------
> Jonathan A. Zdziarski NetRail Incorporated
> Server Engineering Manager 230 Peachtree St. Suite 500
> jonz@netrail.net Atlanta, GA 30303
> http://www.netrail.net (888) - NETRAIL
> -------------------------------------------------------------------------
>
>

Next message: JeBe: "Program To decrypt password in ws_ftp.ini"
Previous message: Jonathan A. Zdziarski: "Re: procfs hole"
Maybe in reply to: Brian Mitchell: "procfs hole"
Next in thread: Alex: "Re: procfs hole"