Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 29 Sep 2014 13:06:34 -0700
From: Seth Arnold <>
Subject: atd (was: Re: Re: Healing the bash fork)

On Mon, Sep 29, 2014 at 09:59:47AM -0600, Eric Blake wrote:
> So even on Debian, where /bin/sh is dash, this script attempts to
> execute the file named /tmp/exploit=me, possibly under the privileges of
> 'at' rather than as the user that created the file.  No bash needed.

Where does 'at' use the privileges of the at daemon when executing

With just a quick check of the atd sources it looks like privileges are
properly changed before executing the script:


Download attachment "signature.asc" of type "application/pgp-signature" (474 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.