OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Bugtraq Archives: Re: majordomo local exploit

Re: majordomo local exploit


Subject: Re: majordomo local exploit
From: Christopher X. Candreva (chrisWESTNET.COM)
Date: Wed Dec 29 1999 - 08:52:33 CST


On Tue, 28 Dec 1999, Brock Tellier wrote:

> but wrapper immediatly setuid()'s and setgid()'s to owner:daemon before
> execing the wrapped program.

Bugs in resend aside, this appears to be an incorrect configuration of
wrapper. majordomo should have it's own group as well as user, and it
should change to that group, not daemon. This is according to Doc/FAQ in the
Majordomo 1.94.4 distribution.

The whole point of the wrapper and unique uid/gid is to limit the effect of
such bugs.

-Chris

==========================================================
Chris Candreva -- chriswestnet.com -- (914) 967-7816
WestNet Internet Services of Westchester
http://www.westnet.com/



This archive was generated by hypermail 2b27 : Wed Dec 29 1999 - 19:14:01 CST