Glibc Local Root Exploit (fwd)

John Hardin johnh at aproposretail.com
Fri Jan 12 06:48:47 EST 2001


Gert Doering wrote:
> 
> Bind to the privileged socket very early, drop suid, then start doing
> anything else (parsing files, reading things).
> 
> But if the bugs in glibc are bad enough, even that won't help...

I believe that this bug only bites when you call the resolver libraries,
so dropping suid before attempting to resolve the remote host should
avoid the exploitable condition.

--
        John Hardin
        Internal Systems Administrator
        Apropos Retail Management Systems, Inc.
        <johnh at aproposretail.com>  -  (425) 672-1304 x265





More information about the openssh-unix-dev mailing list