Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1995_3

Bugtraq archives for 3rd quarter (Jul-Aug) 1995: Re: load.root (loadmodule hole)

Re: load.root (loadmodule hole)

Casper Dik (casperHolland.Sun.COM)
Tue, 26 Sep 1995 15:30:39 +0100

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Dave Barr: "Re: INN1.4sec on Linux"
Previous message: Leonard Krylov: "Re: Ray Cromwell: Another Netscape Bug (and possible security"
In reply to: Brad Powell: "Re: load.root (loadmodule hole)"
Next in thread: Brad Powell: "Re: load.root (loadmodule hole)"

>turning of the suid bit works *mostly*
>
> of course don't expect to be able to run openwindows :-)


This is not entirely true.

The set-uid "loadmodule" program is called by openwin *only* if
you start it with the -nosunview option.

If you don't call it with the -nosunview option, you should
be ok w/o loadmodule, provided you install the sunview stuff
on your system.

Alternatively, you can load the modules from /etc/rc.local
at system boot time.

Casper

Next message: Dave Barr: "Re: INN1.4sec on Linux"
Previous message: Leonard Krylov: "Re: Ray Cromwell: Another Netscape Bug (and possible security"
In reply to: Brad Powell: "Re: load.root (loadmodule hole)"
Next in thread: Brad Powell: "Re: load.root (loadmodule hole)"