MITKRB-SA-2006-001: multiple local privilege escalation vulnerabilities
punadikar.sachin at gmail.com
Wed Aug 16 01:25:30 EDT 2006
I tried code changes suggested by you, and it works fine. Now it is working
as it was working before.
Thanks a lot.
On 8/16/06, Tom Yu <tlyu at mit.edu> wrote:
> >>>>> "Tom" == Tom Yu <tlyu at MIT.EDU> writes:
> Tom> This sounds like a bug in the patch. Try moving the krb5_seteuid(0)
> Tom> call to before the if-statement (so its return value gets
> Tom> ignored... this is safe for seteuid(0) but not for
> Tom> I think the krb5_seteuid(0) call is to change back to UID 0 if that is
> Tom> required (on some systems) for changing back to the original target
> Tom> UID.
> This is now ticket #4137 in our bug database; the fix will appear in
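
The call ordering described in the quoted reply above, as an added example that is not part of the original thread or of the MIT krb5 patch: a best-effort `seteuid(0)` whose result is ignored, followed by a checked switch to the target UID. It uses plain POSIX `seteuid()` rather than `krb5_seteuid()`; the helper name `restore_euid` and its error handling are assumptions.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/*
 * Hypothetical helper (not from the krb5 source): switch the effective UID
 * to `target`. Returns 0 on success, -1 if the switch did not take effect.
 */
int restore_euid(uid_t target)
{
    /*
     * Best effort: some systems only allow moving to another UID from
     * euid 0. This runs before the checked call and its result is
     * deliberately ignored; if it fails, the check below still decides.
     */
    int ignored = seteuid(0);
    (void)ignored;

    /*
     * This result must be checked: an unnoticed failure leaves the process
     * running with an effective UID the caller did not intend.
     */
    if (seteuid(target) != 0) {
        fprintf(stderr, "seteuid(%lu): %s\n",
                (unsigned long)target, strerror(errno));
        return -1;
    }

    /* Confirm the change actually took effect before continuing. */
    if (geteuid() != target)
        return -1;
    return 0;
}

int main(void)
{
    /* Constructed demo: "restore" to the UID we already run as. */
    uid_t me = geteuid();
    if (restore_euid(me) != 0)
        return 1;
    printf("effective UID is %lu\n", (unsigned long)me);
    return 0;
}
```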