Re: Linux kernel setgid implementation flaw

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: bugtraq@securityfocus.com
Subject: Re: Linux kernel setgid implementation flaw
From: wietse@porcupine.org (Wietse Venema)
Date: Fri, 19 Jul 2002 12:48:49 -0400 (EDT)
In-reply-to: <20020719141554.694f07e1.fozzy@dmpfrance.com> "from FozZy at Jul19, 2002 02:15:54 pm"
Reply-to: bugtraq@securityfocus.com

FYI,

The August USENIX Security conference has a good paper that examines
in depth the semantics of UID and GID setting calls for Solaris,
FreeBSD and Linux. The differences are quite remarkable.

	Wietse

Setuid Demystified, by Hao Chen, David Wagner, UC Berkeley; Drew
Dean, SRI International
www.cs.berkeley.edu/~daw/papers/setuid-usenix02.pdf

Follow-Ups:
- Re: Linux kernel setgid implementation flaw
  - From: FozZy

References:
- Re: Linux kernel setgid implementation flaw
  - From: FozZy

Prev by Date: Re: Domain password logon authentication bug in Windows 2000 Advanced Server Domain Controller
Next by Date: RE: Norton AV 2002 rewriting SMTP, breaking TLS
Previous by thread: Re: Linux kernel setgid implementation flaw
Next by thread: Re: Linux kernel setgid implementation flaw
Index(es):
- Date
- Thread

[Index of Archives] [Linux Security] [Netfilter] [PHP] [Yosemite News] [Linux Kernel]

Powered by Linux