[6133] in Kerberos
Re: Telnet vulnerability--shared library loading
daemon@ATHENA.MIT.EDU (Zump)
Sun Nov 5 23:03:43 1995
To: kerberos@MIT.EDU
Date: 2 Nov 1995 19:05:44 GMT
From: bem@garcia.efn.org (Zump)
Mario Klebsch DG1AM (mkl@rob.cs.tu-bs.de) wrote:
: This has been a problem before. But I heared, they remove the LD_* env
: variables now, when an suid root executable is started. Perhaps it
: cannot determine, it is suid root, when it is started as root. But
: then, running telnetd as nobody would cure the problem, wouldn't it?
Well, as nobody, it would make it rather difficult to change uids when
you logged in.
