Bugtraq mailing list archives
Re: using Solaris pax to get files mode 777
From: patton () SYSNET NET (Matthew Patton)
Date: Sun, 11 Oct 1998 14:33:32 -0400
Victor Lavrenko wrote:
If you are running utilities under root and don't read manuals, your system will be full of security holes.
while I concede your arguments regarding reading man pages, what on earth is Sun doing using 777 as the mask? At the very least it should be using the active umask or defaulting to 755 or even safer 700. There is no excuse for programs deliberately going out of their way to make systems insecure when running with 'default' arguments. This is simply another case of irresponsible coding by Sun programmers. I refuse to use slowaris. And don't have their man pages to consult. What percentage of admins do you seriously think read the man page on every bloody command they ever issue? On every different platform they administer? Get real! -------- "Yes, the president should resign. He has lied to the American people, time and time again, and betrayed their trust. He is no longer an effective leader. Since he has admitted guilt, there is no reason to put the American people through an impeachment. He will serve absolutely no purpose in finishing out his term, the only possible solution is for the president to save some dignity and resign." -- William Jefferson Clinton, July 1974 on President Nixon --
Current thread:
- using Solaris pax to get files mode 777 Hubert Feyrer (Oct 05)
- <Possible follow-ups>
- Re: using Solaris pax to get files mode 777 Victor Lavrenko (Oct 06)
- Re: using Solaris pax to get files mode 777 Matthew Patton (Oct 11)
- Annoying Solaris/CDE/NIS+ bug dbell (Oct 12)
- Re: Annoying Solaris/CDE/NIS+ bug Jeff Horwitz (Oct 13)
- CERT Advisory CA-98.12 - mountd Aleph One (Oct 12)