| Next | Classic Unix Security Problems | 3 |
I can write out a file with any instructions in it that I want
But when I run this file, it runs with my UID
Because I run it from my shell
Which is already running with my UID
There are a couple of ways around this:
Find an already-running root-user process that will listen to me
Trick it into doing my bidding
e.g., sendmail
Find a setuid root program and trick it by running it in a weird environment
| Next | |
Copyright © 2005 M. J. Dominus |