Bugtraq mailing list archives
Re: Security Problem ftpd (includes wu.ftpd 2.4 and 2.4.2 beta 4)
From: aleph1 () DFW NET (Aleph One)
Date: Thu, 13 Jul 1995 11:46:04 -0500
On Wed, 12 Jul 1995, James W. Abendschan wrote:
> Maybe I'm completely missing the point, but wouldn't this help?
>
>   linux# chown root.kmem /proc
>   linux# chmod 750 /proc
>
> And then sgid kmem all the binaries that need /proc access:
>
>   linux# chown root.kmem `which w` `which ps` `which top` (etc)
>   linux# chmod 2755 `which w` `which ps` `which top` (etc)
>
> This restricts ordinary users from wandering around in /proc, and thus
> being able to access the "unclosed" files.
You are. The whole point of /proc is not only to make things like ps, w, etc. not have to go looking into the kernel memory but also to allow people easy access to information through /proc. If we make it group kmem we might as well dump it and keep doing it the old way. /proc is a "Good Thing(tm)", just need to figure out the right perms for the right files.
> James
> --
> James Abendschan jwa () nbs nau edu Will Hack For Food <a href="http://www.nbs.nau.edu/~jwa">Zero Funk Kick</a>