Bugtraq mailing list archives
Re: reporting local security problems for WinNT (Re: Escalation of privileges)
From: "William D. Colburn (aka Schlake)" <wcolburn () NMT EDU>
Date: Thu, 10 Aug 2000 09:49:11 -0600
On Tue, Aug 08, 2000 at 11:45:26AM -0700, David LeBlanc wrote:
The general issue here is that any file that is going to be run as a service really must be secured. IMNSHO, it is the responsibility of the person writing the install routine to verify that the directory where the files will be placed is secure, and if the default for that directory isn't appropriate, then set the permissions upon creating the directory. Same thing for registry permissions.
Checking permissions at install time isn't sufficient. They may change later, and never be caught. The program should verify the integrity of the system as often as possible. Sendmail does a really good job of checking permissions on everything every time it does something. It may slow things down some, but it also finds problems when they happen. As an example, I'll use the /etc directory on my mail server. Someone here wanted to edit something without having to su to root each time, so he chmodded /etc to be group writable and owned by our staff group. Sendmail complained so I chowned/chmodded it to make it safe. Some time later he noticed this had happened and chowned/chmodded it back. Right away sendmail figured this out, and started complaining again. If sendmail had only checked at installation time this could have been broken for a long time. As it was, it was only that way for a very short time until I noticed. -- William Colburn, "Sysprog" <wcolburn () nmt edu> Computer Center, New Mexico Institute of Mining and Technology http://www.nmt.edu/tcc/ http://www.nmt.edu/~wcolburn
Current thread:
- Escalation of privileges Chris Foster (Aug 07)
- reporting local security problems for WinNT (Re: Escalation of privileges) Vladimir Dubrovin (Aug 08)
- Re: reporting local security problems for WinNT (Re: Escalation of privileges) David LeBlanc (Aug 09)
- Re: reporting local security problems for WinNT (Re: Escalation of privileges) William D. Colburn (aka Schlake) (Aug 10)
- Re: reporting local security problems for WinNT (Re: Escalation of privileges) Tom Perrine (Aug 11)
- Re: reporting local security problems for WinNT (Re: Escalation of privileges) David LeBlanc (Aug 09)
- reporting local security problems for WinNT (Re: Escalation of privileges) Vladimir Dubrovin (Aug 08)
- Re: Escalation of privileges Nicolas Rachinsky (Aug 09)
- <Possible follow-ups>
- Re: Escalation of privileges Mayers, Philip J (Aug 08)
- Re: Escalation of privileges Kenn Humborg (Aug 09)
- Re: Escalation of privileges Adam Richard (Aug 10)