[SECURITY] Simpleinit root exploit

Matthias Benkmann matthias at winterdrache.de
Mon May 27 10:01:47 PDT 2002


On Mon, 27 May 2002 07:06:21 -0400 "Donald G. Wilson Jr."
<wilson at warwick.net> wrote:

> Thanks for responding. One more question though. Are you saying it can't
> be exploited from another machine? (say over the internet) I apologize 
> for such simpleton questions, but my knowledge of linux security is
> weak.

If you were running a daemon that allows remote logins and that passes on
file descriptors to processes logging in, then yes. sshd *doesn't* do
this, so it is safe even when started from a bootscript.

MSB
-- 
Unsubscribe: send email to listar at linuxfromscratch.org
and put 'unsubscribe lfs-security' in the subject header of the message



More information about the lfs-security mailing list