Reply to post: Re: The real culprit

Get root on an OS X 10.10 Mac: The exploit is so trivial it fits in a tweet

Dazed and Confused Silver badge

Re: The real culprit

> Lots of good stuff about SUID

Most *nix implementations make sure that things aren't left open when using SUID, so for example LD_PRELOAD on HP-UX allows you to control the loading of libraries, but not for SUID programs, where it's just ignored.

If you are going to need to make a hole in your security model, such as SUID, you have to make sure everything around it is guarded.

But no SUID and there can be no passwd command, no sudo or su etc...

But this hole is just plain dumb.


Biting the hand that feeds IT © 1998–2019