Bugtraq mailing list archives

(no subject)

From: sbr () DIRECT CA (sbr)
Date: Wed, 14 Jul 1999 14:31:15 -0700


I recently started using a new editor called joe, with this editor there is
a feature that if your existing session is terminated, it creates a DEADJOE
in the directory.  While editing my shadow file my connection was
terminated, thus leaving the DEADJOE in my /etc directory that was world
readable containing my entire shadow file.  I think the problem is self
explanitory.  I have emailed the creator and there is no feature to disable
this that I can find or mentioned in the email.  My umask setting does not
seem to affect the permissions of DEADJOE.

The operating system is Debian Linux 2.1 kernel 2.2.10 i386.

        - Spencer.

Current thread:

Re: L0pht 'Domino' Vulnerability is alive and well, (continued)
- Re: L0pht 'Domino' Vulnerability is alive and well mtremblay () BAHNSO COM (Jul 08)
  - Re: L0pht 'Domino' Vulnerability is alive and well Ryan Thomas Tecco (Jul 09)
  - Communicator 4.[56]x, JavaScript used to bypass cookie settings Peter W (Jul 09)
    - (no subject) Anonymous (Jul 09)
    - Re: your mail Darren Reed (Jul 12)
    - Navigator cookie security Oliver Lineham (Jul 09)
    - Re: Communicator 4.[56]x, JavaScript used to bypass cookie settings Claudio Telmon (Jul 13)
    - Solaris 2.6/7 NTP permissions problem john_smith () RD QMS COM (Jul 14)
    - Privacy concerns in interMute John Temples (Jul 16)
    - Re: Solaris 2.6/7 NTP permissions problem Casper Dik (Jul 16)
    - (no subject) sbr (Jul 14)
    - joe 2.8 makes world-readable DEADJOE Trevor Johnson (Jul 17)
    - Re: your mail hal (Jul 19)
  - [LoWNOISE] Lotus Domino ET LoWNOISE (Jul 09)