Bugtraq mailing list archives

Re: Verity/Search'97 Security Problems

From: jay () CIMEDIA COM (Jay Soffian)
Date: Thu, 16 Jul 1998 17:28:47 -0400


Last message, I promise. My brain isn't working today. suid (or sgid)
is a terrible idea. Using something other than '.orig' works, but
that's security by obscurity. Probably, you are best using a <files>
section (or equiv if not Apache) to protect the '.orig' binaries.

j.
--
Jay Soffian <jay () cimedia com>                       UNIX Systems Administrator
404.572.1941                                             Cox Interactive Media

Current thread:

Verity/Search'97 Security Problems Stefan Arentz (Jul 14)
- <Possible follow-ups>
- Re: Verity/Search'97 Security Problems Lloyd Vancil (Jul 16)
- Re: Verity/Search'97 Security Problems Jay Soffian (Jul 16)
- Re: Verity/Search'97 Security Problems Jay Soffian (Jul 16)
- Re: Verity/Search'97 Security Problems Joe D'Andrea (Jul 20)
- Re: Verity/Search'97 Security Problems Joe D'Andrea (Jul 22)