Vulnerability Development mailing list archives
Re: Slackware-7.1 Insecurity in default permission ?!?
From: Eduardo Cruz <eduardo.cruz () TS-G COM>
Date: Sun, 24 Sep 2000 01:40:26 +0200
-rw-r--r-- 1 root root 4277 Sep 12 15:19 /usr/info/dir -rw-rw-rw- 1 root root 58 Sep 12 15:17 /etc/shells but if u cant modify passwd to change the shell..... anyway is wrong u can add shells to the file # cat /etc/slackware-version 7.1.0 ----- Original Message ----- From: Fabio Pietrosanti (naif) <naif () INET IT> To: <VULN-DEV () SECURITYFOCUS COM> Sent: Friday, September 22, 2000 12:56 PM Subject: Slackware-7.1 Insecurity in default permission ?!?
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, i just installed a Slackware-7.1 and hardening it after a find / -perm -2 -type -f I found this two bad thing: 123655 1 -rw-rw-rw- 1 root root 744 Sep 21 22:52 /usr/info/dir 153123 1 -rw-rw-rw- 1 root root 49 Sep 21 22:51 /etc/shells Does someone may verify it on other slackware-7.1 distribution? Pietrosanti Fabio I.NET SpA, High Quality Access to the Internet e-mail: naif () inet it ( Direzione Tecnica, Gruppo Firewall ) firewall () inet it PGP Key (DSS) http://naif.itapac.net/naif.asc Home Page URL: http://www.inet.it Sede: Via Caldera, 21 20153 Milano Tel: 02-409061 Fax: 02-40906303 -- Free advertising: www.openbsd.org - Multiplatform Ultra-secure OS -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.1 (GNU/Linux) Comment: For info see http://www.gnupg.org Filter: gpg4pine 4.1 (http://azzie.robotics.net) iD8DBQE5yzrmdK5I1NnlcMYRAkk8AKDLI42FeMOQufJGueLvHnLnNtCrFwCg5D8r /mZO9qwXP6xbQrMi8p9ex6o= =Tpvw -----END PGP SIGNATURE-----
Current thread:
- Slackware-7.1 Insecurity in default permission ?!? Fabio Pietrosanti (naif) (Sep 23)
- Re: Slackware-7.1 Insecurity in default permission ?!? Vitaly McLain (Sep 24)
- Re: Slackware-7.1 Insecurity in default permission ?!? Ron DuFresne (Sep 24)
- Re: Slackware-7.1 Insecurity in default permission ?!? KATZ,JONATHAN ERIC (Sep 24)
- Re: Slackware-7.1 Insecurity in default permission ?!? Brian Poole (Sep 24)
- Re: Slackware-7.1 Insecurity in default permission ?!? Eduardo Cruz (Sep 24)
- Re: Slackware-7.1 Insecurity in default permission ?!? White Vampire (Sep 24)
- Re: Slackware-7.1 Insecurity in default permission ?!? H D Moore (Sep 24)
- Re: Slackware-7.1 Insecurity in default permission ?!? David Carrick (Sep 24)
- Re: Slackware-7.1 Insecurity in default permission ?!? generic (Sep 24)
- <Possible follow-ups>
- Re: Slackware-7.1 Insecurity in default permission ?!? Dan Shinn (Sep 24)