[1171] in bugtraq
Re: Re[2]: snooper watchers
daemon@ATHENA.MIT.EDU (Karl Strickland)
Fri Mar 3 18:26:24 1995
From: Karl Strickland <karl@bagpuss.demon.co.uk>
To: Timothy Newsham <newsham@aloha.net>
Date: Fri, 3 Mar 1995 21:21:40 +0000 (GMT)
Cc: root@iifeak.swan.ac.uk, mcn@c3serve.c3.lanl.gov,
rnayfield@mail.iconnet.com, proff@suburbia.apana.org.au,
jna@concorde.com, bugtraq@fc.net
In-Reply-To: <m0rkdsh-000uKbC@hookomo> from "Timothy Newsham" at Mar 3, 95 10:23:23 am
>
> > Yep hacking suser()'s idea of root's uid is an example of a trivial
> > modification, thats trivial to do. What the other guy was on about - loading
> > new (non-loadable, obviously) modules into a running kernel is distinctly
> > non-trivial in comparison; hence my point that it depends on the mods you're
> > making. Thats whay Im interested to hear the two ways.
>
> Hacking the system to have another idea of what a suser() is is easy enough.
> What is not easy is finding all the userland programs that depend on
> a particular definition of what is and what isnt a super user. For example
> if you changed superuser to uid 31337 then all of the sudden sendmail
> and nfs bugs let you become root without going through another account
> first.
yes but with respect, suser() isnt really the point is it.
--
------------------------------------------+-----------------------------------
Mailed using ELM on FreeBSD | Karl Strickland
PGP 2.3a Public Key Available. | Internet: karl@bagpuss.demon.co.uk
|
