Bugtraq mailing list archives

Re: Possible DoS in rsh

From: hno () HEM PASSAGEN SE (Henrik Nordstrom)
Date: Fri, 9 Oct 1998 08:14:55 +0200


Nick Andrew wrote:

Programs (esp. daemons) which run as root should refuse to read
control files which are symlinks (and home directories should not
be on the same partition as /dev!).


Should this be worded: Any service daemons should refuse to read
files which are not files (symlinks, device files, pipes and other
non-disk-file types) or not owned by the right user with proper
permissions.

---
Henrik Nordström

Current thread:

Possible DoS in rsh Shivan Dragon (Oct 06)
- WARNING: By-passing MS Proxy packet filtering Mnemonix (Oct 06)
- tooltalk vulnerable on Digital Unix ?? Andrew Daviel (Oct 08)
- Re: Possible DoS in rsh Nick Andrew (Oct 08)
- Secure Locate v1.0 Kevin Lindsay (Oct 08)
- Re: Possible DoS in rsh Kragen (Oct 15)
- <Possible follow-ups>
- Re: Possible DoS in rsh Henrik Nordstrom (Oct 08)