[20009] in bugtraq
Re: .. ptrace improvement
daemon@ATHENA.MIT.EDU (Scott Francis)
Tue Apr 3 18:04:29 2001
Mail-Followup-To: Scott Francis <scott@virtualis.com>,
Brian Parris <brian.parris@VERIZON.NET>,
BUGTRAQ@SECURITYFOCUS.COM
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Message-ID: <20010402144145.I169@virtualis.com>
Date: Mon, 2 Apr 2001 14:41:45 -0700
Reply-To: Scott Francis <scott@VIRTUALIS.COM>
From: Scott Francis <scott@VIRTUALIS.COM>
X-To: Brian Parris <brian.parris@VERIZON.NET>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <002c01c0bad4$94b8b560$413c2904@c705263a>; from
brian.parris@VERIZON.NET on Sun, Apr 01, 2001 at 12:52:53PM -0500
On Sun, Apr 01, 2001 at 12:52:53PM -0500, Brian Parris had this to say:
> I keep trying all these exploits posted on the list on my webserver with no
> success, they all say "bug exploited successfully" but don't give root, am I
> doing something wrong?
yes. You need to fully understand what the code is and why it works, as well
as (in many cases) what was left intentionally broken to prevent people from
just grabbing it, compiling it and trying for instant root.
s/people/script kiddies/ as appropriate.
> Brian Parris
> brian.parris@verizon.net
--
Scott Francis scott@ [work:] v i r t u a l i s . c o m
Systems Analyst darkuncle@ [home:] d a r k u n c l e . n e t
PGP fingerprint 7ABF E2E9 CD54 A1A8 804D 179A 8802 0FBA CB33 CCA7
illum oportet crescere me autem minui
