On Fri, 19 Oct 2001, George Metz wrote: > Basically, the local root exploit involves using newgrp - with setuid bit > set - and ptrace to actually cause a root shell to spawn. LRP 2.9.8 and > variations most likely do not contain this binary; I know that my 2.9.8 > setup doesn't. This IS something kernel-related, as the same programs do > not allow the same hole in *BSD.
Unfortunately, it's not limited to newgrp, su can also be used as mentioned in a followup by Martin Kacer to the original message on bugtraq: http://marc.theaimsgroup.com/?l=bugtraq&m=100351214517799&w=2 As Martin mentions: ... This is a kernel flaw, NOT a bug in newgrp. Other suid programs can be used instead... _______________________________________________ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
