[878] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

Re: [linux-security] sudo passwd wrapper

daemon@ATHENA.MIT.EDU (spew)
Thu Jul 4 15:59:30 1996

Date: Wed, 3 Jul 1996 21:39:54 -0400 (EDT)
From: spew <spew@j51.com>
To: Adam Solesby <adam@saucy.shack.com>
cc: linux-security@tarsier.cv.nrao.edu
In-Reply-To: <199607011841.NAA09666@saucy.shack.com>

On Mon, 1 Jul 1996, Adam Solesby wrote:

> I implemented a program to disallow changing of passwords of specified users.
> It is meant to be used with sudo for people that need to change passwords.
> Please email me suggestions because I'm not too security savvy. --Adam.
	It shows. :)
[snip]
> 		{
> 			strcat(command,ARGV[1]);
		Bug 1: Stack overwrite.  Values of argv[1] greater than 
100 - strlen("/bin/passwd ") in length can overwrite the stack and be 
used to obtain root.
>  			system( command ); /* not safe */
		Bug 2: Do I even have to explain this one?

		

home help back first fref pref prev next nref lref last post