1.0.2 • Published 3 years ago

setuid-test v1.0.2

Weekly downloads
4
License
ISC
Repository
-
Last release
3 years ago

This package is for testing only. Demonstrates that npm i setuid-test -g will result in an executable with setuid bit set being installed on the target system. Basically NPM just unpacks a tar file preserving all permission bits. This is a potential vector for priviledge escalation ... but then again NPM will also run a bunch-a script from the package on installation anyway so ...

@infinitebrahmanuniverse/nolb-set@everything-registry/sub-chunk-2741
1.0.2

3 years ago

1.0.1

3 years ago

1.0.0

3 years ago