MITKRB-SA-2006-001: multiple local privilege escalation vulnerabilities
Sachin Punadikar
punadikar.sachin at gmail.com
Wed Aug 16 01:25:30 EDT 2006
Tom,
I tried code changes suggested by you, and it works fine. Now it is working
as it was working before.
Thanks a lot.
- Sachin.
On 8/16/06, Tom Yu <tlyu at mit.edu> wrote:
>
> >>>>> "Tom" == Tom Yu <tlyu at MIT.EDU> writes:
>
> Tom> This sounds like a bug in the patch. Try moving the krb5_seteuid(0)
> Tom> call to before the if-statement (so its return value gets
> Tom> ignored... this is safe for seteuid(0) but not for
> seteuid(not_zero)).
> Tom> I think the krb5_seteuid(0) call is to change back to UID 0 if that
> is
> Tom> required (on some systems) for changing back to the original target
> Tom> UID.
>
> This is now ticket #4137 in our bug database; the fix will appear in
> krb5-1.5.1.
>
> ---Tom
>
More information about the Kerberos
mailing list