5949872 2001-01-11 12:27 -0500  /19 lines/ Matt Zimmerman <mdz@CSH.RIT.EDU>
Sent by: joel@lysator.liu.se
Imported: 2001-01-12  21:52  by Brevbäraren (which is implemented in) Python
External recipient: BUGTRAQ@SECURITYFOCUS.COM
External replies to: mdz@CSH.RIT.EDU
Recipient: Bugtraq (import) <14782>
Comment to text 5940845 by Ari Saastamoinen <oh3mqu@VIP.FI>
Subject: Re: Glibc Local Root Exploit
------------------------------------------------------------
On Thu, Jan 11, 2001 at 01:42:52AM +0200, Ari Saastamoinen wrote:

> On Wed, 10 Jan 2001, Pedro Margate wrote:
> 
> > install the ssh binary as suid root by default.  This can be disabled
> > during configuration or after the fact with chmod.  I believe that would
> 
> That exploit can use any suid root program which resolves host names. (For
> example ping and traceroute) So you cannot fix that glibc exploit only by
> unsetting SUID bit of ssh client.

Or more properly, an suid root program which resolves host names
_while still holding root privileges_.  ping from netkit and
traceroute from LBNL do not fall into this category.  fping from
SATAN, however, does.

-- 
 - mdz
(5949872) --------------------------------(Rewrapped)
Attachment (application/pgp-signature) in text 5949873
5949873 2001-01-11 12:27 -0500  /10 lines/ Matt Zimmerman <mdz@CSH.RIT.EDU>
Imported: 2001-01-12  21:52  by Brevbäraren (which is implemented in) Python
External recipient: BUGTRAQ@SECURITYFOCUS.COM
External replies to: mdz@CSH.RIT.EDU
Recipient: Bugtraq (import) <14783>
Attachment (text/plain) to text 5949872
Subject: Attachment to: Re: Glibc Local Root Exploit
------------------------------------------------------------
(5949873) ------------------------------------------
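
The ordering the reply above turns on, as an added example (not code from the post, nor from ping, traceroute or fping): a set-uid root tool takes the one resource that needs root, drops privileges permanently, and only then resolves the user-supplied host name. The helper names drop_privileges and resolve_unprivileged are hypothetical.

```c
#include <netdb.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Hypothetical helper (added example): permanently give up set-uid/set-gid
 * privileges. Returns 0 on success, -1 if the drop failed or is reversible. */
int drop_privileges(void)
{
    uid_t ruid = getuid();
    gid_t rgid = getgid();
    if (setgid(rgid) != 0 || setuid(ruid) != 0)   /* group first, then user */
        return -1;
    /* Verify the drop cannot be undone: regaining root must fail. */
    if (ruid != 0 && (setuid(0) == 0 || seteuid(0) == 0))
        return -1;
    return (geteuid() == ruid && getegid() == rgid) ? 0 : -1;
}

/* Hypothetical wrapper: refuse to enter the resolver while still elevated. */
int resolve_unprivileged(const char *host, struct sockaddr_storage *out)
{
    struct addrinfo hints, *res;
    if (geteuid() != getuid() || getegid() != getgid())
        return -2;                     /* still holding set-uid privileges */
    memset(&hints, 0, sizeof hints);
    hints.ai_family = AF_INET;
    if (getaddrinfo(host, NULL, &hints, &res) != 0)
        return -1;
    memcpy(out, res->ai_addr, res->ai_addrlen);
    freeaddrinfo(res);
    return 0;
}

int main(int argc, char **argv)
{
    struct sockaddr_storage dst;
    /* 1. The only step that needs root: obtain the raw socket. */
    int fd = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP);
    /* 2. Drop privileges before any resolver code runs. */
    if (drop_privileges() != 0)
        return 1;
    /* 3. Only now resolve the user-supplied name. */
    if (fd < 0 || argc < 2 || resolve_unprivileged(argv[1], &dst) != 0)
        return 1;
    printf("resolved %s without privileges; raw socket fd=%d\n", argv[1], fd);
    return 0;
}
```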