Bugtraq mailing list archives

Re: SunOS newsyslog bug

From: jsz () ramon bgu ac il (jsz)
Date: Fri, 26 Aug 94 21:25:57 IDT


I was surprise to see that in SunOS (4.1.3 and U1) the command
/usr/lib/newsyslog do a 'chmod 666' on the $LOG (= syslog) file he just 
created.
Thus, after running newsyslog, which is done in the crontab,
the new log files is writable by everybody :-(

Does this chmod has been corrected by Sun?

jean.



The other real problem with /usr/lib/newsyslog is that it's being executed
by a crontab job as root, but it's owned by bin. 100103-12 patch doesn't
change its ownership.

Current thread:

SunOS newsyslog bug Jean Chouanard (Aug 26)
- Re: SunOS newsyslog bug jsz (Aug 26)
- Re: SunOS newsyslog bug System Administrator (Aug 29)
- Tripwire V1.2 Release (Finally!) Gene Spafford (Aug 30)
- NFS UID bug. Casper Dik (Aug 31)
- DEC OSF/1 Enhanced Security passwd problem Tim DiLauro (Aug 31)
- <Possible follow-ups>
- Re: SunOS newsyslog bug Kenneth Kron - (Aug 26)