[15296] in bugtraq
Re: local root on linux 2.2.15
daemon@ATHENA.MIT.EDU (Philip Guenther)
Sat Jun 10 05:20:39 2000
Message-Id: <200006082018.PAA18599@solen.gac.edu>
Date: Thu, 8 Jun 2000 15:18:58 -0500
Reply-To: Philip Guenther <guenther@GAC.EDU>
From: Philip Guenther <guenther@GAC.EDU>
X-To: Wojciech Purczynski <wp@ELZABSOFT.PL>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <Pine.LNX.4.21.0006081023450.1069-100000@alfa.elzabsoft.pl>
Wojciech Purczynski <wp@ELZABSOFT.PL> writes:
>Procmail seems to be affected by this hole if used as local-mailer for
>sendmail. If CAP_SETUID bit is cleared procmail doesn't drop privileges
>and may execute luser's program that mail is forwarded to in
>~user/.procmailrc with root privileges.
Question: given this bug, is it now the community expectation that every
program that setuids from 0 to non-zero should check for the presence of
this kernel bug?
The sendmail people have enhance sendmail in just such a fashion and
I'm wondering whether I, as current maintainer of procmail, should do
so to procmail. Are we going to see new versions of perl, screen,
xterm, nxterm, and rxvt (all of which are setuid root on the Linux
system in front of me) that contain code to detect this? I suspect so,
and I'll add the requisite code to procmail for the next version.
When is a kernel bug so egregious that application writers don't need to
work around it?
Philip Guenther
