Date: Sat, 4 Mar 2000 10:04:50 +0100 From: Rogier Wolff <R.E.Wolff@BITWIZARD.NL> Subject: mtr-0.42 is out. To: BUGTRAQ@SECURITYFOCUS.COM Hi everyone, In response to Viktor's recent publication that mtr might be vulnerable to an attack because it didn't fully drop root privileges, mtr-0.42 is now out. As usual, most of the patch is due to the fact that I upgraded auto-something. I'm pretty confident that an attack WAS possible. (Although I don't know of ANY exploit in curses, gtk or mtr, I'm confident there is one). The offending seteuid call has been in the source since version 0.20. I seem to remember that the setuid that we use now caused problems (i.e. not working or not compiling) on some platforms, however, I have no record of any version having setuid, so I must be imagining things. The setuid there is obviously correct, and what was intended in the first place. Plug: mtr is a full-screen combination of ping and traceroute, and works much faster than traceroute. Roger. -- ** R.E.Wolff@BitWizard.nl ** http://www.BitWizard.nl/ ** +31-15-2137555 ** *-- BitWizard writes Linux device drivers for any device you may have! --* * Common sense is the collection of * ****** prejudices acquired by age eighteen. -- Albert Einstein ********