De fet el cp te un bug que més de un cop ha acabat en una escalada de
privilegis locals:
Al fer un cp es canvia el owner, pero no es dropea el suid, :)
si tens un script que copia periodicament fitxers com root, poses una
nobody shusi (setuided-shell) i aquesta pasa a ser root shushi.
Per cert lo del boomerang+radare es un pas important pel reversing a linux.
salutacions.
2008/5/24, Gerardo García Peña <[EMAIL PROTECTED]>:
> sha0 sha0 escribió:
>> Hi,
>>
>> If radare is being used, and then apply changes with "make install",
>> when radare tryes to do a debug_close() a segfault will appear.
>>
>>
>> The cause is this Makefile's line:
>>
>> -cp -rf src/plug/hack/*.${SHARED_EXT} ${LIBDIR}/radare
>>
>> regrads.
>>
>>
>>
>>
>>
>>
>> (maybe install: delete opened file
>>
>> Maybe Makefile
>> _______________________________________________
>> radare mailing list
>> [email protected]
>> http://lists.nopcode.org/listinfo.cgi/radare-nopcode.org
>
> The correct process to install a new file version is 1) remove it 2)
> copy it.
>
> The recommended Unix way to install a file is to use the program install
> (1) that follows the algorithm described above.
>
> Greets,
> ge
>
>
> _______________________________________________
> radare mailing list
> [email protected]
> http://lists.nopcode.org/listinfo.cgi/radare-nopcode.org
>
_______________________________________________
radare mailing list
[email protected]
http://lists.nopcode.org/listinfo.cgi/radare-nopcode.org
