[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
su vulnerability on coreutils 6.9 (64-bit Linux)
From: |
Brian Biswas |
Subject: |
su vulnerability on coreutils 6.9 (64-bit Linux) |
Date: |
Thu, 25 Sep 2008 11:18:24 -0400 |
I have built the coreutils 6.9 package (the latest) on a 64-bit x86
Linux system (Linux 2.6).
If as myself (not root) I type:
% su
I become root. No password asked!
Note: This software resides in AFS space. If I build it locally, the
problem does not occur.
BTW, I've also built coreutils 6.9 on the following platforms (all out
of AFS space):
Solaris 9
Solaris 10 (SPARC and x86)
Mac OS X
AIX 5.3
Linux 2.4
Linux 2.6 (32-bit)
None of them have this problem.
- su vulnerability on coreutils 6.9 (64-bit Linux),
Brian Biswas <=