Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: permissions

From: rwing!pat () ole cdac com (Pat Myrto)
Date: Mon, 16 May 94 18:12:25 PDT

"In the previous message, Perry E. Metzger said..."



Steve Simmons says:

Ob. Bug:

The System V vendor(s) who shipped both / and /etc with mode 777.


To this day, SunOS ships with horrible permissions on directories.
Directories that because of NFS vulnerabilities should be owned by
root ship owned by bin; /usr/games ships with loads of suid and sgid
programs that are potential security holes, etc. Part of the
system install proceedure at my last job was a large chmod/chown
script we ran on every machine...


There is a patch, that is nothing more than a script that improves
the perms that is available, at least for SunOS 4.1.x.  As you point out
it changes /etc/ from bin to root, and the same with a lot of other
subdirs.  How complete it is, I don't know but it is far better than
the original.

And yes, I remember the UNIX PC that shipped with mod 777 on / ...
And I am sure there are others.  I routinely check the /, etc, /bin,
/usr, /usr/bin, and /usr/local subdirs for permissions as one of the
first things I do when a new install first comes up.

-- 
pat@rwing  [If all fails, try:  rwing!pat () ole cdac com]  Pat Myrto - Seattle WA
"No one has the right to destroy another person's belief by demanding
empirical evidence."  --   Ann Landers, nationally syndicated advice columnist
and Director at Handgun Control Inc.
Previous By Date Next
Previous By Thread Next

Current thread: