Possible security problem, need information...

Bruce Barnett barnett at grymoire.crd.ge.com
Fri Mar 22 06:39:03 AEST 1991


In article <9385 at star.cs.vu.nl> henk at cs.vu.nl (Henk Smit) writes:
>   How strange it seems, I can't see an obvious security
>   gap in "drwxrwxrwt" on /.

I think the greatest danger is adding a new file to / that didn't
exist before. Sure the .cshrc, .profile, and .login files might be
there. But what about:
	.forward
	.emacs
	.rhosts
	.mailrc
	.kshrc
	.Xdefaults
	.suntools
	.logout
	.twmrc
	.history
	.sh_history
	.dbxinit
	.xinitrc
	.cm.rc
	.xrdb
	.rnmac
	.mailcf
	.textswrc
	.indent

etc., etc., 

The problem is - how do you know which .mumble files have to be
protected, and how do you know if you found them all.
Some programs don't document the .mumble files they use, and 
some of these files might allow someone to break into a root account.
I am not saying that every one of these files, if world writable,
would allow someone to break into a root account, but some definitely
could. I bet there are a dozen more I left out.

Do you REALLY feel safe because of a sticky bit? Not me.
--
Bruce G. Barnett	barnett at crd.ge.com	uunet!crdgw1!barnett
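
An audit for the exposure described in this message, added here as an example and not part of the original post: it reports whether a home directory (root's is / in this thread) is group- or world-writable, which of the dotfiles named above are absent and could therefore be created by another user, and which existing ones are writable by others. The function names and output labels are assumptions of the example, and the dotfile list is only the one from the post, which its author says is incomplete.

```shell
#!/bin/sh
# Added example. Dotfile names are the ones listed in the post (plus the three
# it mentions first); the post itself says the list is incomplete.
DOTFILES=".cshrc .profile .login .forward .emacs .rhosts .mailrc .kshrc
.Xdefaults .suntools .logout .twmrc .history .sh_history .dbxinit .xinitrc
.cm.rc .xrdb .rnmac .mailcf .textswrc .indent"

# perms PATH: print the 10-character mode string from ls, e.g. drwxrwxrwt
perms() { ls -ldL "$1" | cut -c1-10; }

# others_can_write PATH: succeed if group or other has write permission
others_can_write() {
    case "$(perms "$1")" in
        ?????w????|????????w?) return 0 ;;
        *) return 1 ;;
    esac
}

# audit_home DIR: print one finding per line, return 1 if anything was found
audit_home() {
    dir=$1 findings=0
    if others_can_write "$dir"; then
        echo "DIR-WRITABLE $dir $(perms "$dir")"
        findings=1
        # The sticky bit only limits removing and renaming other users' files.
        # Creating a name that does not exist yet is still allowed.
        for f in $DOTFILES; do
            [ -e "$dir/$f" ] || echo "CAN-BE-CREATED $dir/$f"
        done
    fi
    for f in $DOTFILES; do
        [ -e "$dir/$f" ] || continue
        if others_can_write "$dir/$f"; then
            echo "FILE-WRITABLE $dir/$f $(perms "$dir/$f")"
            findings=1
        fi
    done
    return $findings
}

# Usage (as root): audit_home /
```

A clean result covers only the names in DOTFILES; it says nothing about undocumented dotfiles read by other programs, which is the point the post makes.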


