Autore: Jeremy Harris Data: To: exim-dev Oggetto: Re: [exim-dev] Exim4 spool directory symlink local root escalation
- does this apply to 4.87?
On 11/09/16 17:16, Andreas Metzler wrote: >> And... is that
>> repeat-by relying on the writability of a library directory
>> by an unpriv process?
>
> /lib/x86_64-linux-gnu/ is 0755 root:root.
In that case I'm not seeing how this stage works:
- Symlink /var/spool/exim4/input/xxxxxx-xxxxxx-xx-J to
/lib/x86_64-linux-gnu/libpam.so.0.83.1
Perhaps I'm not understanding "to". What is the "ls -l" output for
the symlink just created?
--
Cheers,
Jeremy