Vulnerability Development mailing list archives
Re: /dev/urandom | logger "issue"
From: Michal Zalewski <lcamtuf () DIONE IDS PL>
Date: Tue, 22 Aug 2000 11:26:28 +0200
On Mon, 21 Aug 2000, Vitaly McLain wrote:
I know I'll probably wind up sounding like an idiot, but why is that on Linux boxes normal users have so much access to /var/log/messages via "logger"? Any user can do: cat /dev/urandom | logger &
On Linux boxes, you have 0666 permissions on /dev/log. That's it, you can not only forge messages (logger -p 0 -t kernel "blah"), but also... forge date (I reported it some time ago, and written nice utility called suncat - uc - for I/O operations on unix sockets from command-line). Smart people changes these permissions to something more restrictive. _______________________________________________________ Michal Zalewski [lcamtuf () tpi pl] [tp.internet/security] [http://lcamtuf.na.export.pl] <=--=> bash$ :(){ :|:&};: =-----=> God is real, unless declared integer. <=-----=
Current thread:
- /dev/urandom | logger "issue" Vitaly McLain (Aug 21)
- Re: /dev/urandom | logger "issue" Bluefish (P.Magnusson) (Aug 22)
- Re: /dev/urandom | logger "issue" Eilert Brinkmann (Aug 22)
- Re: /dev/urandom | logger "issue" Michal Zalewski (Aug 22)
- Re: /dev/urandom | logger "issue" Matt Wilson (Aug 22)
- Re: /dev/urandom | logger "issue" Bill Pennington (Aug 22)
- <Possible follow-ups>
- Re: /dev/urandom | logger "issue" Larry D'Anna (Aug 23)
- Re: /dev/urandom | logger "issue" Sarel J. Botha (Aug 23)
- Re: /dev/urandom | logger "issue" Alfonso De Gregorio (Aug 23)
- Re: /dev/urandom | logger "issue" Matt Wilson (Aug 23)
- Re: /dev/urandom | logger "issue" H D Moore (Aug 27)
- Re: /dev/urandom | logger "issue" Sarel J. Botha (Aug 27)
- Re: /dev/urandom | logger "issue" M ixter (Aug 28)
- Re: /dev/urandom | logger "issue" Kev (Aug 28)