Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!uunet!auspex!guy From: guy@auspex.auspex.com (Guy Harris) Newsgroups: comp.unix.wizards Subject: Re: getting vendors to fix security bugs Message-ID: <6209@auspex.auspex.com> Date: 21 Feb 91 20:03:41 GMT References: <123382@uunet.UU.NET> <1991Feb20.004811.28521@convex.com> <123462@uunet.UU.NET> Organization: Auspex Systems, Santa Clara Lines: 18 >BTW, what are the chances of hitting the window on the suid scripts? Pretty good. >By that I mean, suppose I have the perfect program to exploit it, >which I've just compiled on a system where a suid script and the >perfect conditions to exploit it exist. Isn't it true that >(1) I have only a very small chance of winning, No. The program I saw got in the window every time I tried it. It's a question of when parent and child processes run; I forget whether it's *guaranteed* to succeed on most UNIX implementations, or just extremely *likely* to succeed. >Has anyone actually successfully exploited this bug (of course I mean >under test conditions, on your own machine, where you have root access anyway), Yes. Brought to you by Super Global Mega Corp .com