Bugtraq mailing list archives
Re: problems in /usr/Cadmin/bin for IRIX 5.3
From: richard () wizard ucs sfu ca (Richard Chycoski)
Date: Mon, 5 Aug 1996 14:00:24 -0700
From: Grant Kaufmann <gkaufman () cs uct ac za>

I've stumbled onto a problem with /usr/Cadmin/bin/chost and /usr/Cadmin/bin/cimport. I'll post an exploit tomorrow, but I'd like to know why so many (17) programs in this directory are suid? They should only be run by root anyway. A quick fix is chmod -s /usr/Cadmin/bin/* .

-- Grant

Cadmin is known to be a major security hole. The reason for the suid programs is that SGI has a mechanism to allow a user other than root to perform administrative tasks on the machine. The implementation of this mechanism is quite flawed, however, and your quick fix is the only way around it that I know of.

---
- Richard Chycoski
Senior Systems Consultant
Simon Fraser University Academic Computing Services
richard () sfu ca
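The quick fix discussed in this thread, as an added example that is not part of either post: it lists the setuid/setgid files in one directory, saves their `ls -ld` lines so the change can be reviewed or reverted, and then clears the bits. The function names `list_suid` and `strip_suid`, the manifest file and the `/var/tmp` path in the usage comment are hypothetical.

```shell
#!/bin/sh
# Added example: inventory and strip setuid/setgid bits in one directory.
# list_suid, strip_suid and the manifest file are hypothetical names.

# Print every regular file directly inside DIR ($1) that carries the
# setuid or setgid bit. Symlinks are skipped so only real files are touched.
list_suid() {
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        [ -L "$f" ] && continue
        if [ -u "$f" ] || [ -g "$f" ]; then
            printf '%s\n' "$f"
        fi
    done
}

# Record the current "ls -ld" line of each flagged file in MANIFEST ($2),
# then clear both bits. Prints the number of files changed.
strip_suid() {
    dir=$1; manifest=$2; stripped=0
    list_suid "$dir" > "$manifest.list" || return 1
    : > "$manifest" || return 1
    while IFS= read -r f; do
        ls -ld "$f" >> "$manifest"          # owner and old mode, for rollback
        if chmod u-s,g-s "$f"; then         # explicit form of "chmod -s"
            stripped=$((stripped + 1))
        fi
    done < "$manifest.list"
    rm -f "$manifest.list"
    echo "$stripped"
}

# Usage (as root; constructed manifest path):
#   sh script.sh /usr/Cadmin/bin /var/tmp/cadmin-suid.txt
if [ "$#" -ge 2 ]; then
    strip_suid "$1" "$2"
fi
```

Once the bits are cleared, the non-root administration mechanism described in the reply no longer works, so the affected tools have to be run by root.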