Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
From: Lupe Christoph (lupelupe-christoph.de)
Date: Thu Jul 26 2001 - 01:42:18 CDT
On Wednesday, 2001-07-25 at 19:24:29 +0900, SeungHyun Seo wrote:
> It still seems to be affected under 3.5beta9 (including this version)
> someone said it's not the problem of exploitable vulnerability about 8 month ago ,
> but it's possible to exploit though situation is difficult.
> following code and some procedure comments demonstrate it.
> possible to get kmem priviledge in the XXXXBSD which is still not patched,
> possible to get root priviledge in solaris .
Top does not need to be SUID root in Solaris, either. The default
install uses this mode (clipped from the Makefile generated on
Solaris 8 x86):
MODE = 2711
GROUP = sys
Both /dev/mem and /dev/kmem are
crw-r----- 1 root sys 13, 1 Dec 3 2000 /dev/kmem
crw-r----- 1 root sys 13, 0 Dec 3 2000 /dev/mem
-- | lupelupe-christoph.de | http://free.prohosting.com/~lupe | | I have challenged the entire ISO-9000 quality assurance team to a | | Bat-Leth contest on the holodeck. They will not concern us again. | | http://public.logica.com/~stepneys/joke/klingon.htm |