Bugtraq mailing list archives
Re: Amanda multiple vendor local root compromises
From: billf () CHC-CHIMES COM (Bill Fumerola)
Date: Mon, 1 Nov 1999 22:30:40 -0500
On Mon, 1 Nov 1999, Chris Tobkin wrote:
I doubt that this is OS specific in the installation, but all the installs of amanda i've seen (and have running here) have runtar suid root, but perm'd to 7450 (other can't exec it). It may be part of the packages bundled with FreeBSD.. All of our builds are local compilations from source... (In fact, all the suid binaries installed by a `make install` are perm'd o-rwx and have a gid of sys or other) -- All I have for reference here are solaris and AIX machines.. can anyone else confirm?
[hawk-billf] /home/billf/cvswork > ls -l /usr/local/libexec/amanda/runtar -rwsr-xr-x 1 root wheel 3915 Oct 29 07:46 /usr/local/libexec/amanda/runtar I'm not speaking on behalf of FreeBSD: The FreeBSD port does just use amanda's build scheme and doesn't circumvent it. It also passes to configure: --with-user=operator --with-group=operator I'll look into this, and I've cc:'d the maintainer of the port and the FreeBSD security officer. -- - bill fumerola - billf () chc-chimes com - BF1560 - computer horizons corp - - ph:(800) 252-2421 - bfumerol () computerhorizons com - billf () FreeBSD org -
Current thread:
- Amanda multiple vendor local root compromises Tellier, Brock (Oct 30)
- Re: Amanda multiple vendor local root compromises Ian Turner (Nov 01)
- Re: Amanda multiple vendor local root compromises Chris Tobkin (Nov 01)
- Re: Amanda multiple vendor local root compromises Bill Fumerola (Nov 01)
- Re: Amanda multiple vendor local root compromises monti (Nov 01)
- Re: Amanda multiple vendor local root compromises Rob (Nov 01)
- Unqualified Postings edi () GANYMED ORG (Nov 01)
- Re: Unqualified Postings v0rt (Nov 02)
- <Possible follow-ups>
- Re: Amanda multiple vendor local root compromises Alexandre Oliva (Nov 02)
- Re: Amanda multiple vendor local root compromises Alexandre Oliva (Nov 02)