Unwanted privilege escalation


In general, obtaining any kind of privilege through unintended, unexpected, or unwanted means is the most common way to bypass other security restrictions. The common ways this is done on UNIX systems are:

An "exploit" is any method by which one can obtain privileged access that is unwanted (by the legitimate administrators). There are two main classes of exploits based on what sort of access is needed to attempt them:

Local exploits require some legitimate access to the system. Generally these involve exploitation of bugs in setuid/setgid programs or services that are accessible only to logged-in users.

Remote exploits typically involve exploitation of bugs in network servers or other resources reachable by any user on the network; consequently, these can be much riskier since in general anyone on the Internet can attempt them.

"Back doors" are deliberate mechanisms for obtaining access, usually coded in by a programmer as a debugging tool but sometimes as a deliberate attempt to sneak that mechanism into a system.

"Trojans" (as in the Trojan Horse) are programs that are somehow given to a trusting user for him or her to run; as a (usually hidden) side effect these use that user's privilege to create back doors or perform privileged actions.
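
Because local exploits usually go through setuid/setgid programs, and a back door left on a system is often a new setuid file, administrators commonly keep an inventory of such files and review anything that changes. The following Python sketch is an added example, not part of the original page; the function names and the baseline format (a dictionary of path to mode, uid, gid) are assumptions made for illustration.

```python
import os
import stat
import sys

def find_privileged(root):
    """Return {path: (mode, uid, gid)} for regular setuid/setgid files under root."""
    found = {}
    for dirpath, _dirnames, filenames in os.walk(root, followlinks=False):
        for name in filenames:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)  # lstat: never follow symlinks
            except OSError:
                continue  # file vanished or is unreadable; skip it
            if not stat.S_ISREG(st.st_mode):
                continue
            if st.st_mode & (stat.S_ISUID | stat.S_ISGID):
                found[path] = (stat.S_IMODE(st.st_mode), st.st_uid, st.st_gid)
    return found

def review(current, baseline):
    """Compare an inventory with a trusted baseline; return sorted (path, reason)."""
    findings = []
    for path, (mode, uid, gid) in current.items():
        if path not in baseline:
            findings.append((path, "not in baseline"))
        elif baseline[path] != (mode, uid, gid):
            findings.append((path, "mode or owner changed"))
        # A setuid/setgid file that any user can overwrite is a finding by itself.
        if mode & stat.S_IWOTH:
            findings.append((path, "world-writable"))
    return sorted(findings)

if __name__ == "__main__":
    # Assumed default directory; pass another root as the first argument.
    root = sys.argv[1] if len(sys.argv) > 1 else "/usr/bin"
    for path, (mode, uid, gid) in sorted(find_privileged(root).items()):
        print(f"{mode:04o} uid={uid} gid={gid} {path}")
```

Save the output of a known-good system as the baseline and rerun the inventory after installs or on a schedule; each finding from review() is a file to examine by hand.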



Steve VanDevender
Last modified: Wed Jul 7 14:07:27 PDT 2010