Glibc Local Root Exploit (fwd)
Gert Doering
gert at greenie.muc.de
Fri Jan 12 08:10:47 EST 2001
Hi,
On Thu, Jan 11, 2001 at 11:48:47AM -0800, John Hardin wrote:
> > Bind to the privileged socket very early, drop suid, then start doing
> > anything else (parsing files, reading things).
> >
> > But if the bugs in glibc are bad enough, even that won't help...
>
> I believe that this bug only bites when you call the resolver libraries,
> so dropping suid before attempting to resolve the remote host should
> avoid the exploitable condition.
For this specific bug, yes. I was thinking more in the general direction
of "is there a way to avoid being bitten by a similar bug in the future".
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany gert at greenie.muc.de
fax: +49-89-35655025 gert.doering at physik.tu-muenchen.de
More information about the openssh-unix-dev
mailing list