immibis, 3 months ago @BlanK0 @security the fix commit says the problem occurs when the program name is very long - so probably not very exploitable, as the program name is usually set in stone.
@BlanK0 @security the fix commit says the problem occurs when the program name is very long - so probably not very exploitable, as the program name is usually set in stone.
BlanK0, 3 months ago Thx for pointing that out 🤙
Thx for pointing that out 🤙
CameronDev, 3 months ago Symlink or copy/rename could trigger it, as long as there is a user writable area with execute perms? /home usually allows exec? Also some of the exec* functions allow manipulating the argv[0], so possibly another vector there.
Symlink or copy/rename could trigger it, as long as there is a user writable area with execute perms? /home usually allows exec?
Also some of the exec* functions allow manipulating the argv[0], so possibly another vector there.
Add comment