[6802] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: simple kde exploit fix

daemon@ATHENA.MIT.EDU (Andreas Jellinghaus)
Mon May 18 16:40:55 1998

Date: 	Mon, 18 May 1998 20:59:24 +0200
Reply-To: Andreas Jellinghaus <aj@DUNGEON.INKA.DE>
From: Andreas Jellinghaus <aj@DUNGEON.INKA.DE>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To:  <19980518174845.56713@colombina.comedia.it>; from Luca Berra on
              Mon, May 18, 1998 at 05:48:45PM +0200

the kde packages done by debian were affected by the kde exploit this way:
they were not setuid root, but setgid shadow. so it could be possible to read
/etc/shadow, but not get root rights.

andreas


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[6802] in bugtraq

Re: simple kde exploit fix

daemon@ATHENA.MIT.EDU (Andreas Jellinghaus)Mon May 18 16:40:55 1998

daemon@ATHENA.MIT.EDU (Andreas Jellinghaus)
Mon May 18 16:40:55 1998