Free Republic
General/Chat

To: central_va

I believe it is an attack on a poorly-coded SUID root function.

Certain executables in Unix run SUID root, which means that the program runs as root even if the user is an ordinary user. For example, the ‘ls’ command runs as root, so any user can see any other user’s processes. Provided the executables are properly coded and tested, this is not an issue. But a big part of the Unix hacker’s toolkit is to try to get an SUID binary to execute arbitrary code, so these functions have to be carefully tested.


6 posted on 08/04/2015 9:02:51 AM PDT by proxy_user


To: proxy_user
For example, the ‘ls’ command runs as root, so any user can see any other user’s processes

Is that a Mac silliness? ls (or ps, which you probably meant) certainly aren't suid on RHEL.

20 posted on 08/04/2015 9:33:35 AM PDT by Darth Reardon (Is it any wonder I'm not the president?)
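Added example, not part of either post above: a POSIX shell check of whether a given executable carries the setuid bit and is owned by root, which is the property the two posts disagree about for ls and ps. The function names and the list of commands audited are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: report whether executables carry the setuid bit, and whether
# they are also owned by root (the combination the thread calls "SUID root").
# Function names and the audited command list are assumptions for illustration.

# is_setuid PATH -> exit 0 if PATH is a regular file with the setuid bit set.
is_setuid() {
    [ -f "$1" ] && [ -u "$1" ]
}

# is_setuid_root PATH -> exit 0 only if PATH is setuid AND owned by uid 0.
# -L follows a symlinked command path; -perm -4000 requires the setuid bit.
is_setuid_root() {
    [ -n "$(find -L "$1" -prune -type f -perm -4000 -user 0 -print 2>/dev/null)" ]
}

# classify PATH -> prints one of: missing, setuid-root, setuid-other, plain
classify() {
    if [ ! -e "$1" ]; then
        echo missing
    elif is_setuid_root "$1"; then
        echo setuid-root
    elif is_setuid "$1"; then
        echo setuid-other
    else
        echo plain
    fi
}

# audit NAME... -> resolve each command name on PATH and print its class.
audit() {
    for name in "$@"; do
        path=$(command -v "$name" 2>/dev/null) || path=""
        case "$path" in
            /*) printf '%s\t%s\t%s\n' "$name" "$path" "$(classify "$path")" ;;
            *)  printf '%s\t-\tnot-a-file-on-PATH\n' "$name" ;;
        esac
    done
}

# Commands named in the thread, plus passwd as a commonly setuid comparison.
audit ls ps passwd
```

A line reading `setuid-root` means the program runs with root's effective UID no matter which user starts it, so those are the binaries whose input handling deserves the closest review.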
