privesc LD_PRELOAD is not a problem, only part of symptoms. not clearing environment in a setuid binary is the actual issue
Replying to @tehjh
and in the examples in the blogpost, there is no privilege boundary at all; you could just as well modify the original program
Replying to @tehjh
(also, the "Sandbox unsafe applications" part of that post is nonsense, an application can just call syscalls directly)
and "no libraries will be preloaded this way if ruid != euid" is also wrong, glibc does load setuid libraries from some folders
12:06 PM - 9 Oct 2016
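The thread's point is that the privilege boundary belongs in the setuid program itself: it must not hand the caller's environment to anything it runs, rather than relying on the dynamic loader to scrub LD_PRELOAD. The following is an added example, not code from the tweets or from the blog post they discuss; it shows an allowlist-based environment rebuild of the kind a setuid helper would do before execve(). The allowlist (TERM, LANG, HOME) and the fixed PATH value are assumptions chosen for illustration, and the AT_SECURE check uses glibc's getauxval(), which exists on Linux only.

```c
/* Added example (not from the tweets): allowlist-based environment
 * sanitisation for a setuid program. Everything not explicitly allowed,
 * including LD_PRELOAD, LD_LIBRARY_PATH and a caller-chosen PATH, is
 * never copied, so no denylist has to be kept complete. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#ifdef __linux__
#include <sys/auxv.h>   /* getauxval(AT_SECURE): glibc >= 2.16, Linux only */
#endif

extern char **environ;

/* Hypothetical allowlist of variable names considered safe to pass on. */
static const char *const allowed_names[] = { "TERM", "LANG", "HOME", NULL };

/* PATH is never taken from the caller; a fixed value (assumed here) is used. */
static const char fixed_path[] = "PATH=/usr/bin:/bin";

/* Return 1 if this process gained privilege at exec time (setuid, setgid
 * or file capabilities), i.e. the kernel marked it AT_SECURE. Falls back to
 * comparing real and effective ids where the auxiliary vector is unavailable. */
int running_with_elevated_privilege(void) {
#ifdef __linux__
    if (getauxval(AT_SECURE)) return 1;
#endif
    return getuid() != geteuid() || getgid() != getegid();
}

/* Is the NAME part of a "NAME=value" entry on the allowlist? */
static int name_allowed(const char *entry) {
    const char *eq = strchr(entry, '=');
    if (!eq) return 0;                       /* malformed entry: drop it */
    size_t n = (size_t)(eq - entry);
    for (const char *const *p = allowed_names; *p; ++p)
        if (strlen(*p) == n && strncmp(*p, entry, n) == 0) return 1;
    return 0;
}

/* Copy allowlisted entries from `in` into `out` (capacity `cap`, which must
 * include room for the terminating NULL), then append the fixed PATH.
 * Returns the number of entries written (excluding the NULL), or -1 if
 * `out` is too small. */
int sanitize_env(char *const *in, const char **out, size_t cap) {
    size_t n = 0;
    for (size_t i = 0; in && in[i]; ++i) {
        if (!name_allowed(in[i])) continue;
        if (n + 2 >= cap) return -1;         /* keep room for PATH and NULL */
        out[n++] = in[i];
    }
    if (n + 2 > cap) return -1;
    out[n++] = fixed_path;
    out[n] = NULL;
    return (int)n;
}

int main(void) {
    const char *clean[64];
    int n = sanitize_env(environ, clean, sizeof clean / sizeof clean[0]);
    if (n < 0) {
        fprintf(stderr, "too many allowlisted variables\n");
        return 1;
    }
    printf("elevated: %d\n", running_with_elevated_privilege());
    for (int i = 0; i < n; ++i)
        printf("%s\n", clean[i]);
    /* A real setuid helper would now call
     *   execve("/path/to/child", argv, (char *const *)clean);
     * passing `clean` rather than `environ`. */
    return 0;
}
```

Run it with something like `LD_PRELOAD=/tmp/x.so ./a.out` and the LD_PRELOAD entry does not appear in the printed environment regardless of whether the binary is setuid, which is the point: the program decides what crosses the boundary, not the loader's secure-mode heuristics.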