That command is a riddle and, forgive me, but I think your explanation is wrong.
the final sudo -s is not there to create an error. it's a perfectly fine command and is that to just make you root on the spot.

I think a partial explanation of what goes on is this:

the first bin just creates the text you want to shove into the sudoers file. that's clear enough.

the pass to >&3 is saying send this text to file descriptor 3. This doesn't exist..yet...but it will shortly.

So how does the file open happen? Well if you put an environment variable definition in front of a command, what happens is the command runs with that environment variable temporarily set for the duration of the command. thus

DYLD_PRINT_TO_FILE=/etc/sudoers newgrp

says create the env DYLD_PRINT_TO_FILE temporarily and set it to /etc/sudoers and after setting that, then execute newgrp.

newgrp doesn't actually do anything at all here other than launch a new shell which promptly quits. However it does run with setuid root privilege.

guessing here: And while it's running but not doing anything the system goes, oh, I better open a stream to the DYLD_ file because there might be some output to log there. So it opens that file pre-emptively and duly assigns it to file descriptor 3 for input.

unfortunately DYLD has inherited the permission of newgrp to do that, so its doing a file open as root too.

  So we can now write to 3 and DYLD_ redirects that into the file.

at this point I'm not sure what happens exactly. One possibility is the obvious which is that what we write to file descitor 3 goes into the file represent file descriptor 3. that's simple if that's what bash would do. However the explanation of the exploit notes that DYLD_ also fails to close it's file descriptors. In which case what happens is that the newgrp command just exits but because the pipe made it a child, it's parent inherits the dangling filedesciptor. and then that's why we can write to that. I really don't know my bash well enough to say which of those might be the right mechanism here. if either.

anyone alse want to explain?

Another point I'm fuzzy on here is whether the writer needs to have the same setuid as the reader.

Reading the explanation here: https://www.sektioneins.de/en/...
I don't fully understand how it works, but it seems to be more complex than what you just said. I suspect it depends on a parent process inheriting a child procesess setuid for accessing a file.

the bash script however is a riddle to me. I don't understand how the pipe to channel 3 ends up in the /etc/sudoers file. Where does channel 3 go. I suspect the newgrp statement is there to just be any process which does a setuid as root. Not sure. Again I don't understand how it's being called here.

What does the environment variable look like as this executes? which parts of it execute when? and how does the echo get to the file.

the final sudo -s I understand.

can someone break this down for me?

Good question. I don't know the answer, but there's probably a reason.

Bandwidth? Is the flash version lighter than html5? Better buffering? Better caching?
Client performance? Does the flash version run smoother on older hardware?
Features? Is the flash version more functional? (Pause, volume controls, seek, etc..?)
Advertising? Is the flash version integrated with their advertising while html5 is not (yet)?

Interestingly this isn't the first time this happened.. When they first started Isotopic dating there seemed to be no lab pure enough to get the lead out. Even water taken from the widdle of the ocean had the wrong lead isotope ratios. Eventually, years, they realized it was in the air from all the lead in gasoline. The gasoline companies had the guy's funding cut off to suppress this, and trotted out a bunch of "tobacco scientists" to ridicule the guy who discovered it. But eventually this too became fact. Now it's used in reverse, the isotopic ratio of lead is used to track gasoline spill origins.

https://en.wikipedia.org/wiki/...

http://pubs.acs.org/doi/abs/10...

An emergency landing onto a flat open field? Sure.

An emergency landing from a small distance above the tree line above a dense forest? And don't forget there is smoke everywhere obscuring visibility... because the forest is on fire right below you where you are now trying to... "land".

I think there's been more than enough change in the world since then that we can't assume its going to look anything like that ever again. And again, safe shipping lanes in east asia... benefit american citizens in ways that are difficult to quantify. Yes, imports/exports... but access to cheap offshored manufacturing goods at the loss of local manufacturing and local manufacturing jobs. Market efficiency realized to be sure, but the benefit of that market efficiency is largely privatized while the tax payer funds the security enabling those profits.

Yes. I'd be interested in your argument.

Tribute implies coercion and is rarely agreed to. A more constructive approach would be to negotiate funding... it amounts to the same dollars from the same places but is nonetheless significantly different. I completely agree countries that are hiring our security should be paying for their share of it.

I'd also stipulate that corporate interests benefitting from it should likeways fund it. If goods from china for company X flow to the US in shipping lanes protected by the US military, then company X should be paying their share of the cost. The cost of the goods goes up, the cost of the military to the tax payer goes down... so its a 'wash' right? Not quite... the higher priced goods are paid for in all ports of call... western europe, south america etc. So its not solely borne by the US taxpayer. Further, by having the cost of securing the goods reflected in the price of the goods, a market distortion is eliminated. Perhaps it is cheaper to manufacture things in the US rather than manufacture them in China, and then pay an aircraft carrier to guard the shipping lanes. If so we should be making the thing here.

Having the tax payer cover the security cost allows the business to artificially externalize a cost component of the goods. I'm not some free market extremist, and I do think government is in the role of security for its citizens. Securing a shipping lane in east asia? There are lots of good reasons to do that... but it shouldn't be paid for directly by the US tax payer.

I'm not thinking interdiction of trade per se, but rather more along the lines of my example of it amounting to a market distortion; favoring off shoring and corporate profits. The cost of securing those lanes should be in the goods that pass through them, not funded via a taxation back channel.

Key word is *was*. Today we are a net importer to the tune of 3/4 Trillion dollars*. Today its very profitable for other countries to export to the USA. Perhaps at one time it was sensible for the US citizens to secure the shipping lanes, but today, other nations should be paying to secure the shipping lanes they are using to profit from us.

Clearly the idea that the us tax payer should pay all costs of securing foreign profits is even more unsupportable than the idea that we should be securing profits for domestic companies.

* and its even more an issue because so much of our export is intellectual property, which doesn't get moved around in shipping lanes.

Because if the US wasn't doing that the world would fall apart? Typical American jesus complex. What would the real impact be of not doing all that all the time?

And why, pray tell, is it on the American tax payer to fund it, exactly? And why *just* the American tax payers? Nobody else pays as much per capita as the USA does... why does the USA do it?

In a word: money. Big profits reaped by corporations both by having the force projection we have, and reaped by corporations actually providing and maintaining the 'war machine' itself. Between them its very good for business, especially since they were able to find a sucker to pay for it all: The American tax payer.

Privatize the profits, socialize the cost; the ultimate winning play in this fine republic.

I have every reason to believe that Romney would have gathered the same group of advisers around him that had encouraged W to go too far and pushed their propagandizing of the Red states to new heights in hopes of dragging a few trillion more dollars out of the American public while turning the odometer over from IRAQ to IRAN, as a popular poster in US military sites so proudly proclaimed

He actually did this. Basically his foreign policy during his campaign was PNAC alumni and FPI members. It wasn't any kind of mistake or coincidence that he titled his foreign policy page "New American Century". This wasn't a dog-whistle. It was a shout with a bullhorn.

Marco Rubio has taken the same slogan. It's not a coincidence either.

http://www.breitbart.com/2016-...

Notice that this isn't MSNBC pointing this out.

What Breitbart doesn't do is fully explain what it means and who it is. They certainly do link to Sourcewatch, but people hardly click through.

American Enterprise Institute -> PNAC ->FPI

They're not going away and their modus is to find a stooge to manipulate. And they've found at least one.

BTW, I just discovered the Library of Congress has archived the PNAC site.

It's never going away or going to be scrubbed. How cool is that?

http://webarchive.loc.gov/all/...

--
BMO

Interesting, but nonsense. There is little chance we would have had "boots on the ground" in Tehran

Dan Senor said on Meet The Press that we'd go to war at the behest of Israel if they bothered to ask.

It's one of Bibi's wet dreams. Of course he'd ask.

Did Romney walk it back? No. No he did not. At all. Don't even bother to try to dispute this, it's googleable.

"Perpetual war" driven by business is a load of bull.

Then explain the trillions we pissed away in Iraq and Afghanistan. They went somewhere. Certainly not in the pockets of the Iraquis or you or me. Maj Gen Smedley Butler is laughing at you from beyond the grave.

re: your implication that the rate of equipment replacement is the same in war as it is in peacetime because it will happen "one way or another"

Blatantly, laughably false.

Ok, you're just a loonie. I should have known better than attempt rational discussion with you.

--
BMO

Romney was a tool of W's neocon backers that needed a new stooge.

As a candidate, he even had his web page for foreign policy titled New American Century and hired people like Dan Senor as the foreign policy brain trust.

We would have had boots on the ground in Tehran a month after his inauguration. Because perpetual war is good for (war) business, dontchaknow.

--
BMO

deliberately understate it
he may be completely clueless

whynotboth.jpg

Obama has absolutely refused to use the bully pulpit to stand up for principles and what is right.

Because I think he assumes that everyone is dealing in good faith and that somehow giving away the store at the beginning of a debate is good compromising. Or something. I don't know. I don't care anymore.

He's only slightly better than W and not the effin' disaster we would have had with Romney.

[rant]

Speaking of which, is there not a single Republican left with any principles at all that aren't straight out of Atlas Shrugged and The Fountainhead and Anton LaVey's COS? Trump seems to have gotten his philosophy from the Three Stooges.

I'm not looking forward to a Hillary presidency but at this rate the Republicans are just going to hand it to her if she doesn't lose to Bernie in the primaries because she took her position for granted.

[/rant]

--
BMO

Why would anybody, in their right mind, get a CS or IT degree if they knew how shitty the environment was?

Microsoft and every other tech company: We want talent, but we don't want to pay for it. Give us more H1-B workers to cut the average salary, please.

Game corps: We slave-drive our workers, because it's better to take young talent and burn them out so they leave before they get too expensive. Which is why we're always re-inventing wheels.

IT: Dealing with really ungrateful idiots every day, all week, all year. The higher-up the chain, the stupider (with tech) they are.

Why would anyone, male or female, bother to get into this?

Fuck it. Play soccer.

--
BMO

The first half, pretty much yes. The 2nd half not even close.

One time I was travelling straight through an intersection on a green light; and struck a vehicle performing a turning turn. He evidently didn't see me coming and pulled out right in front of me. I hit him in the passenger side door with the front of my car.

The 2nd attempted an illegal U-turn in an intersection. Again, I was just sailing straight through on a green light, and hit him in the passenger side door too.

I was also once stopped at an intersection, with a green light, waiting to make a left turn due to oncoming traffic. I was rear ended and pushed into oncoming traffic where I then proceeded to have a head on collision with that oncoming traffic. (Fortunately they were able to hit their brakes and slowed enough that injuries were minor.) I was found 100% not at fault.

Fault is a lot more complicated than "front = your fault"

"C&C"

I always read that as "coffee and cats."

Pawn Storm Group Makes Trend Micro IP Address a Coffee and Cats Server

YMMV.

--
BMO

It won't work. I don't think you can reasonably claim this will change the actions of the Iranians at all.

Brilliant logic. Then why try to do anything at all that's difficult?

What a dark miserable little world you live in.

--
BMO