From: Ben Ford <ben@kalifornia.com>
To: Simon Williams <announce@sis-domain.demon.co.uk>
Cc: linux-kernel@vger.kernel.org
Subject: Re: Disturbing news..
Date: Wed, 28 Mar 2001 03:57:44 -0800 [thread overview]
Message-ID: <3AC1D1B8.9080507@kalifornia.com> (raw)
In-Reply-To: ZEABaXAGggw6EwTH@sis-domain.demon.co.uk
Simon Williams wrote:
> In message <20010328100440.A5941@zalem.puupuu.org>, Olivier Galibert
> <galibert@pobox.com> writes
>
>> On Wed, Mar 28, 2001 at 03:04:46PM +0100, Simon Williams wrote:
>>
>>> I think their point was that a program could only change permissions
>>> of a file that was owned by the same owner. If a file is owned by a
>>> different user & has no write permissions for any user, the program
>>> can't modify the file or it's permissions.
>>
>> You mean, you usually have write permissions for other than the owner
>> on executable files?
>>
>> Let me reformulate that. You usually have write permissions for other
>> than the owner, and not only on some special, untrusted log files (I'm
>> talking files, here, not device nodes)? What's your umask, 0?
>>
>
> Firstly, I'm relatively new to Linux (only about 3 yrs experience) &
> don't claim to be an expert. Secondly, I don't think I stated my point
> very clearly.
>
> No, I don't have write permissions set on an executable for any user
> other than the owner.
>
> What I meant was that if a file is owned by root with permissions of,
> say, 555 (r-xr-xr-x), not setuid or setgid, then another executable
> run as a non-root user cannot modify it or change the permissions to
> 7 (rwx).
There are two problems I see here. First, there are several known ways
to elevate privileges. If a virus can elevate privileges, then it owns
you. Second, this is a multi-OS virus. If you dual-boot into Windows,
any ELF files accessible can be infected. With this one, that isn't a
prob, but when somebody codes in an ext2 driver to their virus, then
we've got issues.
-b
next prev parent reply other threads:[~2001-03-28 20:00 UTC|newest]
Thread overview: 57+ messages / expand[flat|nested] mbox.gz Atom feed top
2001-03-27 21:29 [PATCH] mm/memory.c, 2.4.1 : memory leak with swap cache (updated) Richard Jerrell
2001-03-27 21:18 ` Rik van Riel
2001-03-27 23:10 ` Richard Jerrell
2001-03-27 22:57 ` Rik van Riel
2001-03-28 0:53 ` Ideas for the oom problem james
2001-03-28 0:52 ` Rik van Riel
2001-03-28 1:14 ` Doug Ledford
2001-03-28 3:21 ` Rik van Riel
2001-03-28 3:41 ` Doug Ledford
2001-03-28 3:53 ` Rik van Riel
2001-03-28 1:39 ` james
2001-03-28 5:52 ` Jonathan Morton
2001-03-28 6:16 ` Disturbing news Shawn Starr
2001-03-28 6:33 ` Disturbing news.. Idea Shawn Starr
2001-04-21 0:43 ` Serious Latency problems : 2.4.4-pre5 Shawn Starr
2001-03-28 7:19 ` Disturbing news Matti Aarnio
2001-03-28 7:27 ` Shawn Starr
2001-03-28 12:08 ` Jesse Pollard
2001-03-28 5:50 ` Ben Ford
2001-03-28 12:50 ` Walter Hofmann
2001-03-28 14:04 ` Simon Williams
2001-03-28 15:04 ` Olivier Galibert
2001-03-28 15:49 ` Simon Williams
2001-03-28 11:57 ` Ben Ford [this message]
2001-03-29 8:02 ` Helge Hafting
2001-03-28 17:51 ` Olivier Galibert
2001-03-28 12:53 ` Keith Owens
2001-03-28 13:00 ` Russell King
2001-03-28 14:10 ` Sean Hunter
2001-03-28 15:36 ` john slee
2001-03-28 16:18 ` Jonathan Lundell
2001-04-02 23:10 ` Dr. Kelsey Hudson
2001-03-28 17:29 ` Horst von Brand
2001-03-28 10:00 ` Helge Hafting
2001-03-28 13:25 ` Alexander Viro
2001-03-28 14:32 ` Romano Giannetti
2001-03-28 14:57 ` Bill Rugolsky Jr.
2001-03-28 14:57 ` Alexander Viro
2001-03-28 16:14 ` Romano Giannetti
2001-03-28 14:38 ` Ideas for the oom problem Hacksaw
2001-03-28 15:56 ` Andreas Rogge
2001-03-28 23:33 ` Hacksaw
2001-03-28 23:47 ` Tim Haynes
2001-03-29 0:12 ` Hacksaw
2001-03-27 21:51 ` [PATCH] mm/memory.c, 2.4.1 : memory leak with swap cache (updated) Linus Torvalds
-- strict thread matches above, loose matches on Subject: below --
2001-03-28 14:15 Disturbing news Jesse Pollard
2001-03-28 14:53 ` Russell King
2001-03-28 14:40 Jesse Pollard
2001-03-28 15:08 ` Russell King
2001-03-29 12:05 ` Walter Hofmann
2001-03-28 14:43 Jesse Pollard
2001-03-28 15:31 Jesse Pollard
2001-03-28 15:43 Jesse Pollard
2001-03-28 15:51 Jesse Pollard
2001-03-28 15:54 ` rmk
2001-03-28 21:19 ` Gerhard Mack
2001-03-29 17:10 Jesse Pollard
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3AC1D1B8.9080507@kalifornia.com \
--to=ben@kalifornia.com \
--cc=announce@sis-domain.demon.co.uk \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.