On Wed, 25 Feb 2004, Rodrigo Rubira Branco wrote:
> Simply calling setuid(getuid()) isn't sufficient, because if an attacker
> discovers a buffer overflow, it is possible for him to insert a call to setuid in
> your shellcode, and gain root privileges.

Hmm.. I'm not sure if I understand what you're referring to? Could you elaborate + provide a patch or description of the "proper" means?

It is assumed that the attacker would only be able to insert shellcode or exploit the system after the privileges have been dropped -- not before that.

Note that setuid(getuid()) is only done if the binary is setuid root. For a regular binary, you'll setuid to the specific account.

--
Pekka Savola
Netcore Oy
Systems. Networks. Security.
"You each name yourselves king, yet the kingdom bleeds." -- George R.R. Martin: A Clash of Kings

This is the TCPDUMP workers list. It is archived at http://www.tcpdump.org/lists/workers/index.html
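
Added example, not part of the thread and not tcpdump's own code: a permanent privilege drop for a setuid-root program that then checks that a later setuid(0), the call the quoted message is concerned about, no longer succeeds. The helper name `drop_privileges` is hypothetical, and clearing supplementary groups with `setgroups()` is an extra hardening step the thread does not mention.

```c
/* Added example: permanent privilege drop for a setuid-root program.
 * drop_privileges() is a hypothetical helper, not tcpdump's code. */
#include <grp.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>

/* Returns 0 once the process is irrevocably uid/gid, -1 otherwise. */
int drop_privileges(uid_t uid, gid_t gid)
{
    /* Leaving root: shed root's supplementary groups while we still can. */
    if (geteuid() == 0 && uid != 0 && setgroups(1, &gid) != 0)
        return -1;

    /* Group first: after setuid() we could no longer change it. */
    if (setgid(gid) != 0)
        return -1;

    /* Called with euid 0, setuid() sets the real, effective and saved
     * uid together, so there is no saved root uid left to switch back to.
     * seteuid() alone would keep the saved uid and be reversible. */
    if (setuid(uid) != 0)
        return -1;

    /* Never assume the calls worked: check the resulting identity. */
    if (getuid() != uid || geteuid() != uid ||
        getgid() != gid || getegid() != gid)
        return -1;

    /* What injected code would try next; both calls must fail now. */
    if (uid != 0 && (setuid(0) == 0 || seteuid(0) == 0))
        return -1;

    return 0;
}

int main(void)
{
    /* Setuid-root case from the thread: fall back to the invoking user. */
    if (drop_privileges(getuid(), getgid()) != 0) {
        fprintf(stderr, "privilege drop failed, refusing to continue\n");
        return EXIT_FAILURE;
    }
    printf("running as uid=%d euid=%d\n", (int)getuid(), (int)geteuid());
    return EXIT_SUCCESS;
}
```

The drop has to happen before the program parses any untrusted input, and a failed drop must abort the program rather than continue with elevated privileges.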
