Han Boetes wrote:
> John Simpson wrote:
>
>>this only works if the user un-zipping the file is already root.
>>otherwise it creates an "sh" binary which is setuid to the user
>>who unzipped the file. this kind of "exploit" is only useful if
>>you can somehow trick root into unzipping the file- it c...
> John Simpson wrote:
>
>>this only works if the user un-zipping the file is already root.
>>otherwise it creates an "sh" binary which is setuid to the user
>>who unzipped the file. this kind of "exploit" is only useful if
>>you can somehow trick root into unzipping the file- it c...
[ more ]