jfh@rpp386.cactus.org (John F Haugh II) (02/21/91)
In article <123462@uunet.UU.NET> rbj@uunet.UU.NET (Root Boy Jim) writes:
>Has anyone done any real measurements? Has anyone actually
>successfully exploited this bug (of course I mean under test
>conditions, on your own machine, where you have root access anyway),
>or do we all just parrot this mantra: suid scripts are insecure.

I've tried measuring it and this is what I've found -

* the window is bigger on more heavily loaded systems.
* anyone can heavily load a system.
* you can fake it using "nice".

Regarding the first point, on a lightly loaded system I had trouble
exploiting the bug. But when I made the system crawl, I hit the hole
the first or second time around almost every time.
--
John F. Haugh II        UUCP: ...!cs.utexas.edu!rpp386!jfh
Ma Bell: (512) 832-8832 Domain: jfh@rpp386.cactus.org
"I've never written a device driver, but I have written a device driver manual"
                -- Robert Hartman, IDE Corp.