Bugtraq mailing list archives
Re: J-Pilot Permissions Vulnerability
From: Rich Lafferty <rich () ALCOR CONCORDIA CA>
Date: Fri, 15 Dec 2000 18:48:22 -0500
On Fri, Dec 15, 2000 at 11:53:55AM -0500, Ryan W. Maple (ryan () GUARDIANDIGITAL COM) wrote:
> I can verify this, and moreover it appears as if J-Pilot uses the user's umask:
Isn't that *expected* behavior? umask is used to set the default permission bits for file creation, and J-Pilot creates files with the permissions you specify in your umask. If you don't want new files created group-writeable, then set your umask so they're not!
> So the vulnerability is furthermore amplified if they are group-writable and there is a malicious user in the same group.
And just think, with a umask of 0, they're world-writeable. Never mind that that's what you asked for..

-Rich

--
------------------------------ Rich Lafferty ---------------------------
Sysadmin/Programmer, Instructional and Information Technology Services
Concordia University, Montreal, QC (514) 848-7625
------------------------- rich () alcor concordia ca ----------------------
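
The umask behaviour discussed in this message, as an added example that is not part of the original post and is not J-Pilot's code: the kernel clears the umask bits from whatever mode the program requests, so a file requested as 0666 (the mode `fopen()` asks for on POSIX systems) follows the user's umask, while a file requested as 0600 stays private under any umask. The function name and the scratch path under `/tmp` are constructed for the illustration.

```c
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Create a scratch file under the given umask, requesting `requested`
 * permission bits, and return the bits the kernel actually applied.
 * Returns -1 on error. The path is a constructed sample location. */
int mode_after_create(mode_t mask, mode_t requested)
{
    char path[64];
    struct stat st;
    int fd, result = -1;
    mode_t old;

    snprintf(path, sizeof path, "/tmp/umask-demo-%ld", (long)getpid());

    old = umask(mask);          /* set the process umask for this test */
    /* O_EXCL: fail rather than follow or reuse an existing file/symlink */
    fd = open(path, O_WRONLY | O_CREAT | O_EXCL, requested);
    umask(old);                 /* restore the caller's umask */

    if (fd < 0)
        return -1;
    if (fstat(fd, &st) == 0)
        result = (int)(st.st_mode & 0777);   /* effective = requested & ~mask */
    close(fd);
    unlink(path);
    return result;
}

int main(void)
{
    const mode_t masks[] = { 022, 002, 000 };
    size_t i;

    for (i = 0; i < sizeof masks / sizeof masks[0]; i++)
        printf("umask %03o: requested 0666 -> %04o, requested 0600 -> %04o\n",
               (unsigned)masks[i],
               mode_after_create(masks[i], 0666),
               mode_after_create(masks[i], 0600));
    return 0;
}
```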