Yet another Linux on the desktop article

Jason Clinton me at jasonclinton.com
Mon Aug 2 19:47:58 CDT 2004


Brian Densmore wrote:

>It's simply a matter of rewriting the bits in the compiled code,
>or attaching a jmp instruction in the program to the Trojan code
>to be attached at the end of the program. After all, it has to be
>converted to machine code somewhere and a simple 'print "Hello World"' one line
>program has many lines of actual instructions. There's bound to be a jmp
>instruction in there somewhere.
>

So, what you're really saying is that if the user has write access to
executables SUID then they might be able to run their own code as the
SUID user?  Isn't that the definition of SUID? I fail to see how my
Hello World program is imperfect in some way.
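
The condition this reply turns on, a SUID executable that someone other than its owner can write to, is something an administrator can audit for. The following is an added example, not part of the original message; the function name and the default path `/usr/bin` are assumptions chosen for illustration.

```python
import os
import stat
import sys


def writable_suid_files(root):
    """Return (path, owner_uid, mode) for every setuid regular file under
    root that group members or other users are allowed to write to."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)  # lstat: do not follow symlinks
            except OSError:
                continue  # file vanished or is unreadable, skip it
            if not stat.S_ISREG(st.st_mode):
                continue
            if not st.st_mode & stat.S_ISUID:
                continue
            # A write bit for group or other means an account that is not
            # the owner can change code that runs with the owner's uid.
            if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
                findings.append((path, st.st_uid, stat.filemode(st.st_mode)))
    return sorted(findings)


if __name__ == "__main__":
    # Assumed default search path; pass another directory as argv[1].
    root = sys.argv[1] if len(sys.argv) > 1 else "/usr/bin"
    for path, uid, mode in writable_suid_files(root):
        print(f"{mode} uid={uid} {path}")
```

An empty result means every SUID file under the directory is writable only by its owner, which is the case the reply describes.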
