|Next||Classic Unix Security Problems||11|
passwd opens the password file for writing
A newly-opened file uses the lowest available descriptor
In this case, 2
Then passwd writes the prompt to stderr
That is, to descriptor 2
The prompt is written into the password file!
With potentially disastrous results
Conclusion: setuid programs are very hard to get right!
|Next||Copyright © 2005 M. J. Dominus|