Bugtraq mailing list archives

Re: pmpost - another nice symlink follower


From: Keith Owens <kaos () melbourne sgi com>
Date: Tue, 19 Jun 2001 18:29:40 +1000


On Mon, 18 Jun 2001 19:11:20 +0200,
Paul Starzetz <paul () starzetz de> wrote:
> there is a symlink handling problem in the pcp suite from SGI. The
> binary pmpost will follow symlinks, if setuid root this leads to instant
> root compromise, as found on SuSE 7.1 (I doubt that this is a default SuSE
> package, though).

It would have been nice if you had informed SGI about this problem
before mailing to bugtraq.

As a temporary workaround, remove setuid from pmpost.  Any PCP events
from pmie running as a user will not be logged; this is unlikely to be
a problem.  A full patch will be available tomorrow, after it has been
reviewed.


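The bug class discussed in this thread, a setuid-root program following a symlink when it writes a file, is avoided by opening with O_NOFOLLOW and then checking the descriptor that was actually opened. The C code below is an added example, not pmpost or PCP source and not the patch mentioned above; the function names and temp-dir paths are hypothetical, and the page does not show how pmpost opens its file.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Open a log for append, refusing a symlink as the final path component.
   Hypothetical helper, not PCP code. Returns an fd, or -1 on refusal/error. */
int open_log_nofollow(const char *path)
{
    int fd = open(path, O_WRONLY | O_APPEND | O_CREAT | O_NOFOLLOW | O_CLOEXEC, 0644);
    if (fd < 0) return -1;         /* Linux reports ELOOP for a symlink here */
    struct stat st;
    /* Check the opened object: regular file with exactly one name (no hard link). */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) || st.st_nlink != 1) {
        close(fd);
        return -1;
    }
    return fd;
}

int append_notice(const char *path, const char *msg)
{
    int fd = open_log_nofollow(path);
    if (fd < 0) return -1;
    size_t len = strlen(msg);
    int rc = (write(fd, msg, len) == (ssize_t)len) ? 0 : -1;
    return (close(fd) == 0) ? rc : -1;
}

/* Constructed demo in a private temp dir: "log" -> "victim" must be refused
   and "victim" stay empty; a plain "ok.log" must accept the write. 0 = pass. */
int demo(void)
{
    char dir[] = "/tmp/nofollowXXXXXX", victim[64], lnk[64], plain[64];
    struct stat st;
    if (!mkdtemp(dir)) return -1;
    snprintf(victim, sizeof victim, "%s/victim", dir);
    snprintf(lnk, sizeof lnk, "%s/log", dir);
    snprintf(plain, sizeof plain, "%s/ok.log", dir);
    close(open(victim, O_WRONLY | O_CREAT, 0600));
    if (symlink(victim, lnk) != 0) return -1;
    int refused = append_notice(lnk, "x\n") == -1;
    int untouched = stat(victim, &st) == 0 && st.st_size == 0;
    int accepted = append_notice(plain, "x\n") == 0;
    unlink(lnk); unlink(victim); unlink(plain); rmdir(dir);
    return (refused && untouched && accepted) ? 0 : 1;
}
```

O_NOFOLLOW only guards the last path component, so the directory holding the log must itself be writable only by trusted users.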

