Bugtraq mailing list archives
Re: Slackware 8.0, 7.1 Vulnerability: /usr/bin/locate
From: Felipe Franciosi <franciozzy () terra com br>
Date: Mon, 06 Aug 2001 16:21:41 -0300
It's apparently something that's changed in later versions of Slackware. Here's one from my machine, which was originally Slack3.5 (before going through several upgrades, of course):

-rw-r--r-- 1 root root 740500 Aug 1 04:03 locatedb

I would like to remind you that old Slackware boxes used to have a huge problem with this ownership of the locate system. I can't remember exactly on which version it was changed to nobody, but I do remember the problem:

The updatedb runs every day at 4:40 am. It creates temporary files on /tmp, and the name of each of these files is a number. The point is that there were several files created along the process, and the name of the next file was an increment of the last one.

This would allow any local user to create a symbolic link from any system file to a file named with an incremented number of the current temp file... Once it was run by root, this would basically append several trash info to the file. Imagine the destruction if the link was pointed to a hard drive at /dev, for example. :-)

Switching from root's crontab to nobody's crontab was the solution at the time.

Regards,
Felipe

--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Felipe Franciosi
paradoxo networking
http://www.paradoxo.org
Porto Alegre - RS
Phone: (55)(51) 9806 7387
UIN - 33596050
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
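
The temp-file pattern described in the message above, next to a hardened form, as an added example that is not part of the original post or of Slackware's updatedb script. It goes beyond the crontab change named in the post by showing a private `mktemp -d` work directory; the function names, the counter value 1001 and the sandbox layout are constructed for illustration.

```shell
#!/bin/sh
# Added example: runs entirely inside a throwaway sandbox directory.

# Pattern from the post: a predictable, incrementing file name in a shared
# directory, opened with plain redirection, which follows symlinks.
unsafe_write() {                 # $1 = shared dir, $2 = next counter value
    echo "scratch data" >> "$1/$2"
}

# Hardened pattern: mktemp -d atomically creates a mode-0700 directory with
# an unpredictable name, so nothing inside it can be pre-created by others.
safe_write() {                   # $1 = shared dir (counter is not needed)
    work=$(mktemp -d "$1/updatedb.XXXXXX") || return 1
    echo "scratch data" > "$work/1"
    rm -rf "$work"
}

# Regression check: place a link at the next predictable name inside the
# sandbox, run the given writer, and report whether the link target changed.
check_writer() {                 # $1 = unsafe_write | safe_write
    box=$(mktemp -d) || return 1
    mkdir "$box/tmp"
    : > "$box/victim"                     # empty stand-in for a system file
    ln -s "$box/victim" "$box/tmp/1001"   # constructed pre-existing link
    "$1" "$box/tmp" 1001
    if [ -s "$box/victim" ]; then result=clobbered; else result=intact; fi
    rm -rf "$box"
    echo "$result"
}

echo "unsafe_write: $(check_writer unsafe_write)"
echo "safe_write:   $(check_writer safe_write)"
```

A job that must keep fixed file names can get the same effect by placing them inside one such private directory instead of directly in /tmp.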