Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 145789

Summary: LD_PRELOAD vulnerability - users can gain root
Product: Gentoo Security Reporter: r. <zedr>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED INVALID    
Severity: critical    
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---

Description r. 2006-08-31 17:17:18 UTC 
Running the following script as ANY user gains root priviledges on the local machine:

cat > a.c << EOF
#include <sys/types.h>

uid_t getuid()
{
  return 0;
}

uid_t getgid()
{
  return 0;
}

uid_t geteuid()
{
  return 0;
}

uid_t getegid()
{
  return 0;
}
EOF

gcc -c a.c
ld -shared -o a.so a.o
export LD_PRELOAD=`pwd`/a.so
sleep 5
echo "......Got shell!"
/bin/bash -i
rm -rf a.so a.c a.o



The accessibility of LD_PRELOAD must be limited as a temporary patch to solve this security issue.
Comment 1 r. 2006-08-31 17:20:34 UTC 
Sorry, this isn't really a vulnerability. Got pranked.
Comment 2 solar (RETIRED) gentoo-dev 2007-01-06 17:52:34 UTC 
Reopening bug so it can be marked as invalid
Comment 3 solar (RETIRED) gentoo-dev 2007-01-06 17:52:57 UTC 
closing now