Possible security problem, need information..

Ric Anderson,GS-746,6214048, ric at optima.UUCP
Wed Mar 20 09:00:17 AEST 1991


From article <1991Mar19.194216.5763 at kithrup.COM>, by sef at kithrup.COM (Sean Eric Fagan):
> In article <1991Mar19.151145.11208 at decuac.dec.com> mjr at hussar.dco.dec.com (Marcus J. Ranum) writes:
>>>"ls -ld /" is "drwxrwxrwt".
>>	mv /bin /...
> 
> Won't work. Notice the sticky-bit is set on /.  That means you cannot delete
> or rename files that you do not own.  You can create new files and
> directories in /, but that's about it.  So it's less insecure than it
> appears.
> Sean Eric Fagan  sef at kithrup.COM

The sticky bit is NOT (repeat NOT) implemented on all systems.  If the
sticky bit is implemented CORRECTLY, then the worst I can do is create
a file in /, and make it grow till "/" fills up.  This is good for a
crash on some systems :-)

However, if the sticky bit is unimplemented, or is implemented
half-heartedly, then you can move files you own on top of files someone else
owns (even though you may not be able to rm files owned by others).

Ric

Ric Anderson                    Member of the Technical Staff
University of Arizona           Internet: ric at cs.arizona.edu
Department of Computer Science  UUCP: uunet!arizona!ric
Gould-Simpson Room 721          Bitnet: ric%cs.arizona.edu at arizona.bitnet
Tucson, Arizona 85721           AT&T: (602) 621-4048
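
An audit for the condition discussed in this thread, as an added example that is not part of the original posts: it walks one filesystem and reports world-writable directories, separating those with the sticky bit set (`drwxrwxrwt`) from those without it. The function names are hypothetical, and the check reads mode bits only, so it cannot tell whether the system actually enforces the sticky bit.

```python
import os
import stat
import sys


def classify(mode):
    """Classify a directory mode as 'ok', 'sticky' or 'exposed'."""
    if not mode & stat.S_IWOTH:
        return "ok"        # others cannot create, delete or rename entries
    if mode & stat.S_ISVTX:
        return "sticky"    # drwxrwxrwt: delete/rename limited to owners
    return "exposed"       # drwxrwxrwx: any user may delete or rename entries


def audit(root):
    """Return [(path, verdict, 'drwx...')] for world-writable dirs under root.

    Stays on root's filesystem; os.walk does not follow symlinked directories.
    Only the mode bits are inspected (assumption: the kernel honours them).
    """
    findings = []
    root_dev = os.stat(root).st_dev
    # Unreadable directories are skipped silently via the no-op onerror.
    for dirpath, dirnames, _ in os.walk(root, onerror=lambda err: None):
        try:
            st = os.stat(dirpath)
        except OSError:
            continue              # directory vanished or became unreadable
        if st.st_dev != root_dev:
            dirnames[:] = []      # do not cross into other filesystems
            continue
        verdict = classify(st.st_mode)
        if verdict != "ok":
            findings.append((dirpath, verdict, stat.filemode(st.st_mode)))
    return findings


if __name__ == "__main__":
    start = sys.argv[1] if len(sys.argv) > 1 else "/"
    for path, verdict, perms in audit(start):
        print(f"{verdict:8} {perms} {path}")
```

Any `exposed` line deserves attention, and a world-writable `/` is worth reporting even when it is `sticky`, since users can still create files there.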


