Twitter | Pretraživanje | |
Grant Hernandez 24. sij
In vixie-cron, SUID crontab prevents crontab editing if /etc/cron.allow is empty. If you force the ulimit for open files to be 4, auth check is bypassed but you hit another error lower down :( $ bash -c 'ulimit -n 4; crontab newtab' /var/spool/cron/: mkstemp: Too many open files
Reply Retweet Označi sa "sviđa mi se"
Grant Hernandez 24. sij
Odgovor korisniku/ci @Digital_Cold
Normally it would say this: $ crontab newtab You (grant) are not allowed to use this program (crontab) See crontab(1) for more information
Reply Retweet Označi sa "sviđa mi se"
Grant Hernandez 24. sij
Odgovor korisniku/ci @Digital_Cold
This is the allowed check that is passed to the lack of error handling on fopen: And this is as far as the program gets with the new ulimit:
Reply Retweet Označi sa "sviđa mi se"
Grant Hernandez
Looks like a bug, and almost a vulnerability, but not quite. Maybe some better pwners can take this to an exploit?
Reply Retweet Označi sa "sviđa mi se" More