Bugtraq mailing list archives

Re: SunOS syslog() fix, finally...


From: blymn () awadi com au (Brett Lymn)
Date: Tue, 14 Nov 1995 11:05:09 +1030


According to Jake Luck:

> yeah, but what about /usr/sbin/ufsrestore ?
>
> it is statically linked, utilizes syslog, and suid root.


If you are a BOFH then just kill the setuid bit on ufsrestore.  It
means that root has to do the restores but it does close an awful lot
of holes (like someone dragging in a QIC and restoring their favourite
version of /etc/passwd.... need I say more?).  Or you could just
remove the global rx though this may bugger up remote root users.


--
Brett Lymn, Computer Systems Administrator, AWA Defence Industries
===============================================================================
"It's fifteen hundred miles to Ankh-Morpork" he said.  "We've got
three hundred and sixty three elephants, fifty carts of forage, the
monsoon's about to break and we're wearing ... we're wearing ... sort
of things, like glass, only dark... dark glass things on our eyes..."
        - Terry Pratchett "Moving Pictures".
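
[Added example, not part of the original post.] A patched shared libc does not reach a statically linked binary, so the setuid files worth reviewing for the bit-removal described above are the ones with no runtime-linker (PT_INTERP) entry. This sketch assumes ELF binaries; the function names and the /usr/sbin default are illustrative, and non-ELF files (such as a.out) are reported as None.

```python
import os, stat, struct, sys

PT_INTERP = 3  # program header that names the runtime linker (ld.so)

def is_static_elf(path):
    """True: ELF with no PT_INTERP (static). False: dynamic. None: not ELF."""
    with open(path, "rb") as f:
        hdr = f.read(64)
        if len(hdr) < 52 or hdr[:4] != b"\x7fELF":
            return None
        is64 = hdr[4] == 2                   # EI_CLASS: 2 = 64-bit
        end = "<" if hdr[5] == 1 else ">"    # EI_DATA: 1 = little-endian
        if is64 and len(hdr) < 64:
            return None
        phoff = struct.unpack_from(end + ("Q" if is64 else "I"),
                                   hdr, 32 if is64 else 28)[0]
        phentsize, phnum = struct.unpack_from(end + "HH", hdr,
                                              54 if is64 else 42)
        f.seek(phoff)
        table = f.read(phentsize * phnum)
    for i in range(phnum):
        off = i * phentsize
        if off + 4 > len(table):             # truncated program header table
            break
        if struct.unpack_from(end + "I", table, off)[0] == PT_INTERP:
            return False
    return True

def audit(root):
    """Sorted (path, owner_uid, world_executable, static) for setuid files."""
    found = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)
            except OSError:
                continue
            if not (stat.S_ISREG(st.st_mode) and st.st_mode & stat.S_ISUID):
                continue
            try:
                static = is_static_elf(path)
            except OSError:                  # e.g. mode 4711, unreadable to us
                static = None
            found.append((path, st.st_uid,
                          bool(st.st_mode & stat.S_IXOTH), static))
    return sorted(found)

if __name__ == "__main__":
    for path, uid, world_x, static in audit(sys.argv[1] if len(sys.argv) > 1 else "/usr/sbin"):
        if uid == 0 and static:
            print(f"{path}: setuid root, static, world-exec={world_x}")
```

Each file listed needs either a rebuilt binary or the setuid bit (or the world execute bit) removed; replacing the shared library alone leaves it unchanged.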


