Interesting glibc security tidbit: if you have an attack that can create arbitrary files, but not clobber existing ones or control contents, /etc/suid-debug could be a nice target.
-
-
One of those red flags making people to run screaming into the BSD tentcamp
-
I don't understand how any of this ever got past basic common sense: "if suid, don't process any LD_* vars, at all, whatsoever".
- End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.