Re: load.root (loadmodule hole)

Pat The Friendly RedNeck (pat@WOLFE.net)
Fri, 15 Sep 1995 17:14:39 -0700

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Karl Strickland: "Re: load.root (loadmodule hole)"
Previous message: Brad Powell: "Re: load.root (loadmodule hole)"
In reply to: Fred Blonder: "Re: load.root (loadmodule hole)"
Next in thread: Urban: "Re: load.root (loadmodule hole)"

> Am I overlooking something obvious here, or would simply turning off the
> set-UID bit on "loadmodule" be an acceptable temporary workaround for
> most sites?

I dunno, but I noticed it is not called unless one starts an openwin
session with the -nosunview option (at least on the machine I used).  I
ran across this when I had loaded openwin, but failed to run
install_openwin, which sets up the stuff in /etc/openwin/modules, which
is what it actually loads and the scripts it runs.  It became apparant
when I tried to run it with the -nosunview option, and got all these
error messages.

So it might be possible to just chmod 400 loadmodule and get around it.
This is not an option if one has built a kernel w/o any sunview support,
such that openwin won't run without using the -nosunview option...

> -----
> Fred Blonder            fred@nasirc.hq.nasa.gov

> Hughes STX Corp.        (301) 441-4079
> 7701 Greenbelt Rd.
> Greenbelt, Md.  20770


--
#include <std.disclaimer>    Pat Myrto (pat@Wolfe.NET)       Seattle WA
A sysadmin's life is a sorry one.  The only advantage he has over Emergency
Room doctors is that malpractice suits are rare.  On the other hand, ER
doctors never have to deal with patients installing new versions of their
own innards!   -Michael O'Brien

Next message: Karl Strickland: "Re: load.root (loadmodule hole)"
Previous message: Brad Powell: "Re: load.root (loadmodule hole)"
In reply to: Fred Blonder: "Re: load.root (loadmodule hole)"
Next in thread: Urban: "Re: load.root (loadmodule hole)"