Fw: Bug in gcc

["Steffen Wendzel" <garbage-fan at web dot de>]

----- Original Message -----
From: "GNU General Contact Address" <gnu@gnu.org>
To: "CDP_XE" <cdp_xe@gmx.net>
Sent: Thursday, October 25, 2001 4:22 AM
Subject: Re: Bug in gcc


> Could you send this to bug-gcc@gnu.org?  This certainly sounds like a
> problem, and they're the ones who could fix it.
>
> Good luck and happy hacking!
>
> On Sat, Oct 20, 2001 at 10:03:29AM +0200, CDP_XE wrote:
> > Hi !
> >
> > i compiled (as root) an c-source with gcc (latest release under
OpenBSD):
> >
> > # gcc -o glw glw.c
> > # ls -l
> > total 597
> > -rwx------  1 root     wheel     177 Oct 14 01:36 backup
> > -rwxr-xr-x  1 root     wheel   34463 Oct 15 21:15 glw
> > -rw-r--r--  1 garbage  wheel    6888 Oct 15 21:15 glw.c
> > -rw-------  1 garbage  wheel  553296 Oct 14 17:21 glw.core
> > -rw-r--r--  1 garbage  wheel    2186 Oct 15 21:02 glw.h
> >
> > then i compiled the same programm in the same directory
> > as a normal user (the user must have write-access on the
> > directory !!):
> >
> > # gcc -o glw glw.c
> > # ls -l
> > total 597
> > -rwx------  1 root     wheel     177 Oct 14 01:36 backup
> > -rwxr-xr-x  1 garbage  wheel   34463 Oct 16 21:56 glw
> > -rw-r--r--  1 garbage  wheel    6888 Oct 15 21:15 glw.c
> > -rw-------  1 garbage  wheel  553296 Oct 14 17:21 glw.core
> > -rw-r--r--  1 garbage  wheel    2186 Oct 15 21:02 glw.h
> >
> > And now i can overwrite the glw-exec-file from root with mynormal user !
> > If root execute this file (and means its him´sfile) he execute _my_
glw-file
> > (maybe an exploit !) !I testet it under OpenBSD 2.9 an Linux 2.2.10 - it
> > works !
> >
> > cu CDP_XE.
> >
> > - Member of X-Hack - The Swiss Hacker Club -
> > - www.xhack.ch -
> > - cdp_xe@xhack.ch-
> >
> >
>
> --
> Orion Montoya, FSF Office Staff
> Free Software Foundation     |  Phone: +1-617-542-5942
> 59 Temple Place, Suite 330   |  Fax:   +1-617-542-2652
> Boston, MA 02111-1307  USA   |  Web:   http://www.gnu.org
>