Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 145789 - LD_PRELOAD vulnerability - users can gain root
Summary: LD_PRELOAD vulnerability - users can gain root
Status: RESOLVED INVALID
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High critical (vote)
Assignee: Gentoo Security
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2006-08-31 17:17 UTC by r.
Modified: 2007-01-06 17:52 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description r. 2006-08-31 17:17:18 UTC 
Running the following script as ANY user gains root priviledges on the local machine:

cat > a.c << EOF
#include <sys/types.h>

uid_t getuid()
{
  return 0;
}

uid_t getgid()
{
  return 0;
}

uid_t geteuid()
{
  return 0;
}

uid_t getegid()
{
  return 0;
}
EOF

gcc -c a.c
ld -shared -o a.so a.o
export LD_PRELOAD=`pwd`/a.so
sleep 5
echo "......Got shell!"
/bin/bash -i
rm -rf a.so a.c a.o



The accessibility of LD_PRELOAD must be limited as a temporary patch to solve this security issue.
Comment 1 r. 2006-08-31 17:20:34 UTC 
Sorry, this isn't really a vulnerability. Got pranked.
Comment 2 solar (RETIRED) gentoo-dev 2007-01-06 17:52:34 UTC 
Reopening bug so it can be marked as invalid
Comment 3 solar (RETIRED) gentoo-dev 2007-01-06 17:52:57 UTC 
closing now