|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: BUG? Non-root user can configure traffic shaper (2.2.13) (fwd)
Subject: Re: BUG? Non-root user can configure traffic shaper (2.2.13) (fwd)
From: Alan Cox (alan
LXORGUK.UKUU.ORG.UK)
Date: Mon Dec 27 1999 - 18:41:45 CST
- Next message: Brock Tellier: "IBM NetStation/UnixWare local root exploit"
- Previous message: Misha Dankov: "strace can lie"
- In reply to: Yuri Kuzmenko: "Re: BUG? Non-root user can configure traffic shaper (2.2.13) (fwd)"
- Reply: Alan Cox: "Re: BUG? Non-root user can configure traffic shaper (2.2.13) (fwd)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> Non-root users can change the SPEED of shaped interface. I.e., usual user
> can run "shapecfg speed shaper0 XXX" with success result. In my case
> non-root user increases speed of shaped interface to my proxy server. Yep,
> NO ANY suid's on `which shapecfg`. It's has 0755 permission.
>
This was reported a while ago and is already fixed in 2.2.14pre. Pick up the
patch from that to drivers/net/shaper.c. It is the only change needed.
Alan
- Next message: Brock Tellier: "IBM NetStation/UnixWare local root exploit"
- Previous message: Misha Dankov: "strace can lie"
- In reply to: Yuri Kuzmenko: "Re: BUG? Non-root user can configure traffic shaper (2.2.13) (fwd)"
- Reply: Alan Cox: "Re: BUG? Non-root user can configure traffic shaper (2.2.13) (fwd)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
This archive was generated by hypermail 2b27 : Tue Dec 28 1999 - 15:44:56 CST