Bugtraq mailing list archives
Re: reporting local security problems for WinNT (Re: Escalation of privileges)
From: Tom Perrine <tep () SDSC EDU>
Date: Thu, 10 Aug 2000 16:17:56 -0700
On Thu, 10 Aug 2000 09:49:11 -0600, "William D. Colburn (aka Schlake)" <wcolburn () NMT EDU> said:
William> Checking permissions at install time isn't sufficient. They may change William> later, and never be caught. The program should verify the integrity of William> the system as often as possible. Sendmail does a really good job of William> checking permissions on everything every time it does something. It may William> slow things down some, but it also finds problems when they happen. This is what cfengine is all about. Your infrastructure "heals" itself ever time cfengine runs. William> As an example, I'll use the /etc directory on my mail server. Someone William> here wanted to edit something without having to su to root each time, so William> he chmodded /etc to be group writable and owned by our staff group. William> Sendmail complained so I chowned/chmodded it to make it safe. Some time William> later he noticed this had happened and chowned/chmodded it back. Right William> away sendmail figured this out, and started complaining again. If William> sendmail had only checked at installation time this could have been William> broken for a long time. As it was, it was only that way for a very William> short time until I noticed. Cfengine can do this for any file for which you have specified the owner, group, permissions and/or contents. I wouldn't kill, but I'd hurt someone Real Bad for a cfengine for Windows with a registry editor.... --tep
Current thread:
- Escalation of privileges Chris Foster (Aug 07)
- reporting local security problems for WinNT (Re: Escalation of privileges) Vladimir Dubrovin (Aug 08)
- Re: reporting local security problems for WinNT (Re: Escalation of privileges) David LeBlanc (Aug 09)
- Re: reporting local security problems for WinNT (Re: Escalation of privileges) William D. Colburn (aka Schlake) (Aug 10)
- Re: reporting local security problems for WinNT (Re: Escalation of privileges) Tom Perrine (Aug 11)
- Re: reporting local security problems for WinNT (Re: Escalation of privileges) David LeBlanc (Aug 09)
- reporting local security problems for WinNT (Re: Escalation of privileges) Vladimir Dubrovin (Aug 08)
- Re: Escalation of privileges Nicolas Rachinsky (Aug 09)
- <Possible follow-ups>
- Re: Escalation of privileges Mayers, Philip J (Aug 08)
- Re: Escalation of privileges Kenn Humborg (Aug 09)
- Re: Escalation of privileges Adam Richard (Aug 10)