Bugtraq mailing list archives
Re: permissions
From: rwing!pat () ole cdac com (Pat Myrto)
Date: Mon, 16 May 94 18:12:25 PDT
"In the previous message, Perry E. Metzger said..."
Steve Simmons says:

Ob. Bug: The System V vendor(s) who shipped both / and /etc with mode 777.

To this day, SunOS ships with horrible permissions on directories. Directories that because of NFS vulnerabilities should be owned by root ship owned by bin; /usr/games ships with loads of suid and sgid programs that are potential security holes, etc. Part of the system install procedure at my last job was a large chmod/chown script we ran on every machine...
There is a patch, that is nothing more than a script that improves the perms that is available, at least for SunOS 4.1.x. As you point out, it changes /etc/ from bin to root, and the same with a lot of other subdirs. How complete it is, I don't know, but it is far better than the original.

And yes, I remember the UNIX PC that shipped with mode 777 on / ... And I am sure there are others. I routinely check the /, etc, /bin, /usr, /usr/bin, and /usr/local subdirs for permissions as one of the first things I do when a new install first comes up.

--
pat@rwing [If all fails, try: rwing!pat () ole cdac com]
Pat Myrto - Seattle WA
"No one has the right to destroy another person's belief by demanding empirical evidence." -- Ann Landers, nationally syndicated advice columnist and Director at Handgun Control Inc.
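The post-install check described in the message above, as an added example that is not part of the original post or of the SunOS patch it mentions. The function names `audit_dir` and `audit_system` are hypothetical, "etc" in the message is assumed to mean /etc, and root is assumed to be UID 0.

```shell
#!/bin/sh
# Added example: report directories that are not owned by the expected UID
# or that are writable by group or other. Works from `ls` output so it does
# not depend on a particular stat(1) flavour.

# audit_dir DIR [EXPECTED_UID] -- one finding per line; silent if clean.
audit_dir() {
    dir=$1
    want_uid=${2:-0}                  # assumption: root is UID 0
    [ -d "$dir" ] || return 0         # directory not present on this system
    # ls -ldLn: field 1 is the mode string, field 3 the numeric owner UID.
    # -L follows symlinks (/bin is a link to usr/bin on some systems).
    read -r mode _links uid _rest <<EOF
$(ls -ldLn -- "$dir")
EOF
    [ "$uid" = "$want_uid" ] ||
        printf '%s: owned by uid %s, expected %s\n' "$dir" "$uid" "$want_uid"
    # Mode string layout: type, owner rwx, group rwx, other rwx.
    case $mode in
        ?????w*) printf '%s: group-writable (%s)\n' "$dir" "$mode" ;;
    esac
    case $mode in
        ????????w[tT]*)
            printf '%s: world-writable, sticky bit set (%s)\n' "$dir" "$mode" ;;
        ????????w*)
            printf '%s: world-writable (%s)\n' "$dir" "$mode" ;;
    esac
    return 0
}

# audit_system -- the directories named in the message, expected owner root.
audit_system() {
    for d in / /etc /bin /usr /usr/bin /usr/local; do
        audit_dir "$d" 0
    done
}

audit_system
```

No output means every listed directory is root-owned and writable only by its owner; group-writable findings need a look at which group owns the directory before they are treated as a problem.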