An Atypical Confused Deputy Bug

[magazine]
Volume-Issue: 
2002-06
Article Summary: 

FreeBSD is a popular free version of Unix, much like Linux. In April, the FreeBSD project released a security advisory, which warned that any logged-in user could gain full control of, or "root access" to, almost any machine running any previous version of FreeBSD. The problem was due to a bug in a program called keyinit. It’s an atypical example of a confused deputy bug. However, it is often useful for programs to be allowed to do things their invokers can’t. In this month's bug report, Kragen Sitaker tells the story of this atypical "confused deputy" bug.