Bugtraq mailing list archives
Re: pinelock.csh exploit
From: jbourne () ISLAND NET (Jim Bourne)
Date: Sat, 6 Dec 1997 11:17:48 -0800
On Tue, 2 Dec 1997, Roger Harrison ? wrote:
> There was something a while ago on bugtraq about pinelock files and how they were mode 666. This program I wrote takes this idea and brings it a step further into an easy way to show why this is a problem. My program <pinelock.csh> allows you to log off a user or kill one of their processes IF they open up a second session of pine. It isn't terribly useful, except for annoying a user. However, if root opens up two sessions of pine, I can think of some interesting processes and daemons which might be killed. Copies of this program will be stored at http://kepler.poly.edu/~rharri01/. Click on files and then click on pinelock.csh. Have fun!
Not sure if this is the right thing to do, or if it will cause problems with other parts of pine but there is a quick fix. bash# diff env_unix.c~ env_unix.c 49c49 < static long lock_protection = 0666; ---
static long lock_protection = 0600;
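Review bot: The change to `lock_protection` on line 49 of env_unix.c alters a static, file-wide default, so every lock file created with this value becomes owner-only, not only the pine lock shown in the listing; before relying on it, confirm that no lock is expected to be opened by a process running under a different uid, which mode 0600 would refuse. The patch is also a context-free normal diff with no file path, so a unified diff (`diff -u`) naming imap/c-client/env_unix.c would apply more safely to a tree where line 49 has moved. Lock files that already exist at mode 0666 keep that mode until they are removed or chmod'ed, so the fix needs a cleanup step alongside it.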
This file can be found in imap/c-client under the source tree of pine-3.96 and leaves the lock file mode 600:

-rw------- 1 jbourne users 4 Dec 6 11:16 .2.21200505

IMHO opening/leaving any file on the file system mode 666 is a bad idea, esp. if it's in a directory that has public write permissions.

Regards,
James Bourne
> -Iconoclast
> iconoclast () thepentagon com
--
James Bourne | E-Mail: jbourne () island net
System Administrator | WWW: http://www.island.net
Island Internet Inc. | Linux - The choice of a GNU generation
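Added example, not part of the original post or of pine's source: a small C checker an administrator could run after applying the change above to confirm that no world-writable lock files remain in a shared directory. The default directory `/tmp` and the dot-file filter (modelled on the `.2.21200505` name in the listing) are assumptions.

```c
#define _XOPEN_SOURCE 700   /* expose lstat() under strict compiler modes */
#include <dirent.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>

enum lock_risk { LOCK_ERROR = -1, LOCK_OK, LOCK_GROUP_WRITABLE,
                 LOCK_WORLD_WRITABLE, LOCK_NOT_REGULAR };

/* Classify one path. lstat() is used so that a symlink sitting in a shared
 * directory is reported as "not a regular file" instead of being followed. */
enum lock_risk classify_lock(const char *path)
{
    struct stat st;
    if (lstat(path, &st) != 0) return LOCK_ERROR;
    if (!S_ISREG(st.st_mode)) return LOCK_NOT_REGULAR;
    if (st.st_mode & S_IWOTH) return LOCK_WORLD_WRITABLE;  /* e.g. 0666 */
    if (st.st_mode & S_IWGRP) return LOCK_GROUP_WRITABLE;  /* e.g. 0660 */
    return LOCK_OK;                                         /* e.g. 0600 */
}

/* Count world-writable dot-files in dir (assumption: lock files are
 * dot-files like ".2.21200505" in the listing). Returns -1 on error. */
int count_world_writable(const char *dir)
{
    char path[4096];
    struct dirent *e;
    int n = 0;
    DIR *d = opendir(dir);
    if (d == NULL) return -1;
    while ((e = readdir(d)) != NULL) {
        if (e->d_name[0] != '.' || !strcmp(e->d_name, ".") || !strcmp(e->d_name, ".."))
            continue;                       /* not a candidate lock file */
        if (snprintf(path, sizeof path, "%s/%s", dir, e->d_name) >= (int)sizeof path)
            continue;                       /* path too long, skip it */
        if (classify_lock(path) == LOCK_WORLD_WRITABLE) {
            printf("world-writable: %s\n", path);
            n++;
        }
    }
    closedir(d);
    return n;
}

int main(int argc, char **argv)
{
    int n = count_world_writable(argc > 1 ? argv[1] : "/tmp"); /* assumed default */
    if (n < 0) { perror("opendir"); return 2; }
    return n > 0;   /* exit status 1 while any world-writable lock remains */
}
```
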