Bugtraq mailing list archives
Re: SunOS newsyslog bug
From: jsz () ramon bgu ac il (jsz)
Date: Fri, 26 Aug 94 21:25:57 IDT
I was surprise to see that in SunOS (4.1.3 and U1) the command /usr/lib/newsyslog do a 'chmod 666' on the $LOG (= syslog) file he just created. Thus, after running newsyslog, which is done in the crontab, the new log files is writable by everybody :-( Does this chmod has been corrected by Sun? jean.
The other real problem with /usr/lib/newsyslog is that it's being executed by a crontab job as root, but it's owned by bin. 100103-12 patch doesn't change its ownership.
Current thread:
- SunOS newsyslog bug Jean Chouanard (Aug 26)
- Re: SunOS newsyslog bug jsz (Aug 26)
- Re: SunOS newsyslog bug System Administrator (Aug 29)
- Tripwire V1.2 Release (Finally!) Gene Spafford (Aug 30)
- NFS UID bug. Casper Dik (Aug 31)
- DEC OSF/1 Enhanced Security passwd problem Tim DiLauro (Aug 31)
- <Possible follow-ups>
- Re: SunOS newsyslog bug Kenneth Kron - (Aug 26)