Re: Opinion on checking return value of setuid(getuid())?
On 1 October 2012 07:08, Konstantin Belousov <kostikbel@gmail.com> wrote:
> I do not believe in the dreadful 'flood ping' security breach. Is a
> local escalation possible with non-dropped root ?
It is clearly a local escalation: a non-root user can do something
which was intended only for root. It is a different question how
serious the breach is.
--
Eitan Adler
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 7 之 14 篇):