[6870] in bugtraq
Re: First patch :)
daemon@ATHENA.MIT.EDU (Chris Evans)
Sat May 30 02:36:30 1998
Date: Sat, 30 May 1998 00:30:37 +0100
Reply-To: Chris Evans <chris@FERRET.LMH.OX.AC.UK>
From: Chris Evans <chris@FERRET.LMH.OX.AC.UK>
To: BUGTRAQ@NETSPACE.ORG
Hi,
The "ruid" idea and prevent exec/fork of suid programs, is a nice idea but
is really security through obscurity.
If a hacker knows this patch is in place, he just replaces the shellcode
so instead of doing:
syscall exec /bin/sh
it does
syscall chmod 666 /etc/passwd
or any other exciting piece of code you care to run. You need not launch a
separate process to run it.
Cheers
Chris
