Professionally Evil Blog
A blog by experts of penetration testing and other security assessments.
application security, professionally evil, Secure Ideas, Linux, programming, File Descriptors, SetUID, Privilege Escalation
Privilege Escalation via File Descriptors in Privileged Binaries
Today I wanted to cover an application security topic that applies to SetUID binaries. As we all know, making a mistake in a SetUID binary will lead to privilege escalation. Today’s topic is about SetUID binaries that drop privileges, but leave a file they opened, well, opened. This creates ...