Groups | Search | Server Info | Keyboard shortcuts | Login | Register

Groups > comp.os.linux.misc > #86114

Re: copy.fail

From pa@see.signature.invalid (Pierre Asselin)
Newsgroups comp.os.linux.misc
Subject Re: copy.fail
Date 2026-05-03 18:11 +0000
Organization PANIX Public Access Internet and UNIX, NYC
Message-ID <10t834i$dlm$1@reader1.panix.com> (permalink)
References (1 earlier) <10t09ci$3mbqc$1@news.xmission.com> <10t228c$17p94$1@news1.tnib.de> <wwv340bcbzf.fsf@LkoBDZeT.terraraq.uk> <10t4jl1$3ume2$1@news.xmission.com> <wwvfr49mpv3.fsf@LkoBDZeT.terraraq.uk>

Show all headers | View raw

Richard Kettlewell <invalid@invalid.invalid> wrote:
> [ ... ]
> Stopping unprivileged users getting a file descriptor onto anything that
> might be executing, or executed, with different credentials would reduce
> risk by excluding all attacks that depended somehow on getting a file
> descriptor onto the target file. As already noted there?s a problem with
> shared libraries.

That doesn't solve anything. Letting an unprivileged user modify
the cached copy of files is BAAAAD. It doesn't have to be executable
code. /etc/passwd would be a good one, poke zeros in your uid:gid
fields, log out, log back in.

Even without privilege escalation, corrupting (cached copies of) random
files can wreak havoc.

Back to comp.os.linux.misc | Previous | NextPrevious in thread | Next in thread | Find similar

Thread

copy.fail Eli the Bearded <*@eli.users.panix.com> - 2026-04-30 05:40 +0000
  Re: copy.fail Ralf Fassel <ralfixx@gmx.de> - 2026-04-30 16:39 +0200
  Re: copy.fail jayjwa <jayjwa@atr2.ath.cx.invalid> - 2026-04-30 11:25 -0400
    Re: copy.fail gazelle@shell.xmission.com (Kenny McCormack) - 2026-04-30 19:09 +0000
      Re: copy.fail Marc Haber <mh+usenetspam2616@zugschl.us> - 2026-05-01 13:19 +0200
        Re: copy.fail Richard Kettlewell <invalid@invalid.invalid> - 2026-05-01 17:48 +0100
          Re: copy.fail gazelle@shell.xmission.com (Kenny McCormack) - 2026-05-02 10:28 +0000
            Re: copy.fail gazelle@shell.xmission.com (Kenny McCormack) - 2026-05-02 12:12 +0000
            Re: copy.fail pa@see.signature.invalid (Pierre Asselin) - 2026-05-02 21:46 +0000
              Re: copy.fail Lawrence D’Oliveiro <ldo@nz.invalid> - 2026-05-02 23:44 +0000
                Re: copy.fail gazelle@shell.xmission.com (Kenny McCormack) - 2026-05-03 01:12 +0000
                Re: copy.fail rbowman <bowman@montana.com> - 2026-05-03 02:46 +0000
                Re: copy.fail Richard Kettlewell <invalid@invalid.invalid> - 2026-05-03 09:55 +0100
            Re: copy.fail Richard Kettlewell <invalid@invalid.invalid> - 2026-05-02 23:02 +0100
              Re: copy.fail pa@see.signature.invalid (Pierre Asselin) - 2026-05-03 18:11 +0000
                Re: copy.fail Richard Kettlewell <invalid@invalid.invalid> - 2026-05-03 23:05 +0100
    Re: copy.fail Richard Kettlewell <invalid@invalid.invalid> - 2026-04-30 22:41 +0100
    Re: copy.fail Stéphane CARPENTIER <sc@fiat-linux.fr> - 2026-05-01 09:33 +0000
  Re: copy.fail Ralf Fassel <ralfixx@gmx.de> - 2026-05-01 23:17 +0200
    Re: copy.fail Rich <rich@example.invalid> - 2026-05-06 04:17 +0000
  Re: copy.fail Woozy Song <suzyw0ng@outlook.com> - 2026-05-03 11:42 +0800

csiph-web