On Thu, Aug 27, 2009 at 11:54 AM, Merlijn van Deen <valhallasw(a)arctus.nl> wrote:
> I would not be too certain about that. For example, buffer overflows are
> generally only a security problem when they happen in suid-root programs -
> this is why programs designed to be suid root have thorough checks on such
> problems. Software designed to be used by root does not always have the
> same thoroughness of checks - and running such software via sudo could
> expose these errors as security problems.

Any widely-used software with a known buffer overflow gets fixed.
This is just as true for shutdown as for ping. You're far *more*
likely to find a serious vulnerability in the kernel or services that
run as root, just because of their vastly greater LOC. A user who was
dedicated enough to try finding a buffer overflow in kill (which is
only 16K compiled on nightshade, BTW, and I doubt it's often been
changed) could save himself some effort by just waiting for a kernel
privilege escalation vulnerability announcement and pulling a zero-day
exploit.