[20230] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Solaris ipcs vulnerability

daemon@ATHENA.MIT.EDU (Neil W Rickert)
Mon Apr 16 14:58:28 2001

Message-ID:  <16319.987424984@euclid.cs.niu.edu>
Date:         Mon, 16 Apr 2001 07:43:04 -0500
Reply-To: Neil W Rickert <rickert+bt@CS.NIU.EDU>
From: Neil W Rickert <rickert+bt@CS.NIU.EDU>
X-To:         Scott Howard <scott@DOC.NET.AU>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To:  Message from Scott Howard <scott@DOC.NET.AU> of "Sat, 14 Apr 2001
              09:10:04 +1000." <20010414091004.A9925@milliways.doc.net.au>

Scott Howard <scott@DOC.NET.AU> wrote:

>Solaris 8 (Sparc at least) is not affected as ipcs is not suid/sgid.

This might be a matter of looking in the wrong place.

For programs where there are both 32bit and 64bit versions, the
program you see might be a stub that invokes the real program.
For example, on 32-bit solaris 8, what is actually run is

-r-xr-sr-x   1 root     sys        10740 Jan  5  2000 /usr/bin/sparcv7/ipcs

That is sgid.

 -NWR


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[20230] in bugtraq

Re: Solaris ipcs vulnerability

daemon@ATHENA.MIT.EDU (Neil W Rickert)Mon Apr 16 14:58:28 2001

daemon@ATHENA.MIT.EDU (Neil W Rickert)
Mon Apr 16 14:58:28 2001