[10123] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: ipop3d (x2) / pine (x2) / Linux kernel (x2) / Midnight

daemon@ATHENA.MIT.EDU (Stefan Rompf)
Wed Apr 7 15:09:18 1999

Date: 	Tue, 6 Apr 1999 19:57:25 +0200
Reply-To: Stefan Rompf <srompf@TELEMATION.DE>
From: Stefan Rompf <srompf@TELEMATION.DE>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To:  <Pine.LNX.4.05.9903070059130.710-100000@nimue.ids.pl>

Hello Michal,

At 01:41 07.03.99 +0100, you wrote:

>Exploited overflow in ipop3d could be used to gain superuser access (the
>only thing done by ipop3d is setuid+setgid, no seteuid/setreuid).

Fortunately, you are wrong here. Quoting from the Solaris' setuid() manpage:

    If the effective user ID of the process calling setuid()  is
    the  super-user, the real, effective, and saved user IDs are
    set to the uid parameter.

Linux behaves the same way, IMHO this is defined in POSIX.

cu.. Stefan


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[10123] in bugtraq

Re: ipop3d (x2) / pine (x2) / Linux kernel (x2) / Midnight

daemon@ATHENA.MIT.EDU (Stefan Rompf)Wed Apr 7 15:09:18 1999

daemon@ATHENA.MIT.EDU (Stefan Rompf)
Wed Apr 7 15:09:18 1999