svgalib risks

Pondělí Prosinec 1 00:05:40 CET 1997

Hi!

>     jaroslav> Ale
>     jaroslav> funkce vga_init() ty prava ziskana pres SUID shazuje,
>     jaroslav> takze kdyz se pouzije na zacatku, tak IMHO to potom
>     jaroslav> nejde o moc vice exploitnout nez rozhodit obraz, ne?
> 
> pred casom na debian-devel mailingliste napisal joey hess toto:
> 
>   Of course, svgalib does give up suid root permissions when it
>   initializes. However, there have been plenty of security problems in
>   the past with suid games that waited too long to give up their suid
>   root and were exploitable.
> 
> ps: jedna zaujimava alternativa k suidroot je ioperm, viacej na
> http://www.inka.de/~bigred/sw/ioperm.txt...

...ktera moc nepomuze, protoze mam-li pristup k portum, muzu velmi ucine
skodit i bez uid 0... Je fakt ze pokud jsou porty dost jemne
rozdeleny, mozna muzu skodit jen grafice. Ale bojim se ze Linux na
ix86 neni ten pripad.

-- 
I'm really pavel na atrey.karlin.mff.cuni.cz. 	   Pavel
Look at http://atrey.karlin.mff.cuni.cz/~pavel/ ;-).