Vulnerability Development mailing list archives

Re: Slackware-7.1 Insecurity in default permission ?!?

From: "KATZ,JONATHAN ERIC" <jonathan () UCLA EDU>
Date: Sat, 23 Sep 2000 16:33:56 -0700

On my recent 7.1 installation

~> ls -al /etc/shells
-rw-rw-rw-   1 root     root           58 Sep 20 10:04 /etc/shells
~> ls -al /usr/info/dir
-rw-r--r--   1 root     root         4277 Sep 20 10:04 /usr/info/dir




On Fri, 22 Sep 2000, Fabio Pietrosanti (naif) wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi, i just installed a Slackware-7.1 and hardening it after a
find / -perm -2 -type -f
I found this two bad thing:

123655    1 -rw-rw-rw-   1 root     root          744 Sep 21 22:52
/usr/info/dir
153123    1 -rw-rw-rw-   1 root     root           49 Sep 21 22:51
/etc/shells


Does someone may verify it on other slackware-7.1 distribution?



Pietrosanti  Fabio          I.NET SpA, High Quality Access to the Internet
e-mail:  naif () inet it              ( Direzione Tecnica, Gruppo Firewall )
         firewall () inet it
PGP Key (DSS)                                 http://naif.itapac.net/naif.asc

Home Page URL:            http://www.inet.it
Sede:                     Via Caldera, 21 20153 Milano
Tel:                      02-409061 Fax: 02-40906303
 --
Free advertising: www.openbsd.org - Multiplatform Ultra-secure OS

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1 (GNU/Linux)
Comment: For info see http://www.gnupg.org
Filter: gpg4pine 4.1 (http://azzie.robotics.net)

iD8DBQE5yzrmdK5I1NnlcMYRAkk8AKDLI42FeMOQufJGueLvHnLnNtCrFwCg5D8r
/mZO9qwXP6xbQrMi8p9ex6o=
=Tpvw
-----END PGP SIGNATURE-----

Current thread:

Slackware-7.1 Insecurity in default permission ?!? Fabio Pietrosanti (naif) (Sep 23)
- Re: Slackware-7.1 Insecurity in default permission ?!? Vitaly McLain (Sep 24)
- Re: Slackware-7.1 Insecurity in default permission ?!? Ron DuFresne (Sep 24)
- Re: Slackware-7.1 Insecurity in default permission ?!? KATZ,JONATHAN ERIC (Sep 24)
- Re: Slackware-7.1 Insecurity in default permission ?!? Brian Poole (Sep 24)
- Re: Slackware-7.1 Insecurity in default permission ?!? Eduardo Cruz (Sep 24)
  - Re: Slackware-7.1 Insecurity in default permission ?!? White Vampire (Sep 24)
  - Re: Slackware-7.1 Insecurity in default permission ?!? H D Moore (Sep 24)
- Re: Slackware-7.1 Insecurity in default permission ?!? David Carrick (Sep 24)
- Re: Slackware-7.1 Insecurity in default permission ?!? generic (Sep 24)
- <Possible follow-ups>
- Re: Slackware-7.1 Insecurity in default permission ?!? Dan Shinn (Sep 24)