Vulnerability Development mailing list archives

Re: Slackware-7.1 Insecurity in default permission ?!?

From: David Carrick <fuzzy () lod com>
Date: Sat, 23 Sep 2000 23:00:57 -0400

I can confirm that on my fresh install of Slack 7.1 /etc/shells is set as
follows
-rw-rw-rw-   1 root     root           68 Jul 14 00:19 shells
however my /usr/info/dir seems to be set correctly.
root@carrera:/usr/info# ls -al dir
-rw-r--r--   1 root     root         4277 Jul 12 23:40 dir

Anyone else turn this up?



"Fabio Pietrosanti (naif)" wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi, i just installed a Slackware-7.1 and hardening it after a
find / -perm -2 -type -f
I found this two bad thing:

123655    1 -rw-rw-rw-   1 root     root          744 Sep 21 22:52
/usr/info/dir
153123    1 -rw-rw-rw-   1 root     root           49 Sep 21 22:51
/etc/shells

Does someone may verify it on other slackware-7.1 distribution?

Pietrosanti  Fabio          I.NET SpA, High Quality Access to the Internet
e-mail:  naif () inet it           ( Direzione Tecnica, Gruppo Firewall )
         firewall () inet it
PGP Key (DSS)                           http://naif.itapac.net/naif.asc

Home Page URL:            http://www.inet.it
Sede:                     Via Caldera, 21 20153 Milano
Tel:                      02-409061 Fax: 02-40906303
 --
Free advertising: www.openbsd.org - Multiplatform Ultra-secure OS

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1 (GNU/Linux)
Comment: For info see http://www.gnupg.org
Filter: gpg4pine 4.1 (http://azzie.robotics.net)

iD8DBQE5yzrmdK5I1NnlcMYRAkk8AKDLI42FeMOQufJGueLvHnLnNtCrFwCg5D8r
/mZO9qwXP6xbQrMi8p9ex6o=
=Tpvw
-----END PGP SIGNATURE-----

Current thread:

Slackware-7.1 Insecurity in default permission ?!? Fabio Pietrosanti (naif) (Sep 23)
- Re: Slackware-7.1 Insecurity in default permission ?!? Vitaly McLain (Sep 24)
- Re: Slackware-7.1 Insecurity in default permission ?!? Ron DuFresne (Sep 24)
- Re: Slackware-7.1 Insecurity in default permission ?!? KATZ,JONATHAN ERIC (Sep 24)
- Re: Slackware-7.1 Insecurity in default permission ?!? Brian Poole (Sep 24)
- Re: Slackware-7.1 Insecurity in default permission ?!? Eduardo Cruz (Sep 24)
  - Re: Slackware-7.1 Insecurity in default permission ?!? White Vampire (Sep 24)
  - Re: Slackware-7.1 Insecurity in default permission ?!? H D Moore (Sep 24)
- Re: Slackware-7.1 Insecurity in default permission ?!? David Carrick (Sep 24)
- Re: Slackware-7.1 Insecurity in default permission ?!? generic (Sep 24)
- <Possible follow-ups>
- Re: Slackware-7.1 Insecurity in default permission ?!? Dan Shinn (Sep 24)