[18567] in bugtraq
Re: Glibc Local Root Exploit
daemon@ATHENA.MIT.EDU (Simon Cozens)
Fri Jan 12 11:50:28 2001
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Message-Id: <20010111020406.A9633@pembro26.pmb.ox.ac.uk>
Date: Thu, 11 Jan 2001 02:04:07 +0000
Reply-To: Simon Cozens <simon@COZENS.NET>
From: Simon Cozens <simon@COZENS.NET>
X-To: Ben Greenbaum <bgreenbaum@SECURITYFOCUS.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <Pine.GSO.4.30.0101101741160.531-100000@mail>; from
bgreenbaum@SECURITYFOCUS.COM on Wed, Jan 10,
2001 at 05:53:03PM -0800
And a patch. Yeah, it's pretty obvious, but nobody's produced it yet.
Of course, it'll take you forever to *compile* the thing. :)
--- sysdeps/generic/unsecvars.h~ Wed Jan 10 23:37:09 2001
+++ sysdeps/generic/unsecvars.h Wed Jan 10 23:37:20 2001
@@ -5,7 +5,7 @@
"LOCPATH", \
"MALLOC_TRACE", \
"NLSPATH", \
- "RESOLV_HOST_CONF" \
+ "RESOLV_HOST_CONF", \
"RES_OPTIONS", \
"TMPDIR", \
"TZDIR"
--
He who makes a beast of himself gets rid of the pain of being a man.
-H.S. Thompson
