Re: /var/named world writeable in latest slack

[Michal Zalewski <lcamtuf () DIONE IDS PL>]

On Thu, 12 Oct 2000, Jason Storm wrote:

> > If so, it almost for sure means root compromise, AFAIK. As I recall,
> > config file parsing could cause some overflows...
>
> I sincerely doubt the box was hacked </famous last words>; named was
> never running for one thing (its commented out of rc.inet2 by
> default), and this was found literally within 2 minutes of the first
> reboot after the install.

Oh sorry, I didn't meant it! I just believe world-writable /var/named can
lead to root compromise, because, as I recall, config-file parsing
had some bofs!:) So if it's default Slackware permissions
set... ahem, they have made a mistake ;>

_______________________________________________________
Michal Zalewski [lcamtuf () tpi pl] [tp.internet/security]
[http://lcamtuf.na.export.pl] <=--=> bash$ :(){ :|:&};:
=-----=> God is real, unless declared integer. <=-----=