Bugtraq mailing list archives

Re: permissions

From: spaf () cs purdue edu (Gene Spafford)
Date: Tue, 17 May 94 15:53:20 -0500


Note two things about mounting system read-only:

1) on many systems, including Suns, you can "remount" a file system
r/w if you are root

2) mounting something read-only still allows writing via the raw
device if permissions are set incorrectly, or if running as root.


Thus, mounting a partition ro is no guarantee things can't be changed.
This is why we recommend that the Tripwire executable and database go
on removable media that has a *physical* write-protect lock that
cannot be undone in software.

--spaf

Current thread:

ANNOUNCING THE [8LGM] FILESERVER & MAILING LIST INFO, (continued)
- - - ANNOUNCING THE [8LGM] FILESERVER & MAILING LIST INFO Karl Strickland (May 14)
    - Re: Time For New Security Package? (was Re: new iss stuff) Gene Spafford (May 14)
    - The ISS Program Paul Robinson (May 10)
    - wolves and sheep on the inet Timothy Newsham (May 11)
    - Re: wolves and sheep on the inet Gene Spafford (May 13)
    - Re: wolves and sheep on the inet Steve Simmons (May 13)
    - permissions Perry E. Metzger (May 16)
    - Re: permissions Pat Myrto (May 16)
    - Re: permissions Evil Pete (May 17)
    - Re: permissions Pat Myrto (May 17)
    - Re: permissions Gene Spafford (May 17)
    - Re: permissions Evil Pete (May 18)
    - Re: permissions Evil Pete (May 18)
    - [8lgm]-Advisory-7.UNIX.passwd.11-May-1994.NEWFIX [8LGM] Security Team (May 13)
    - iss equivalents *Hobbit* (May 11)
    - Source vs. binary for tools Jeremy Epstein -C2 PROJECT (May 12)
    - runaway lockd problems (SunOS 4.1.3) Pat Myrto (May 12)
    - [8lgm]-Advisory-7.UNIX.passwd.11-May-1994 [8LGM] Security Team (May 12)
    - Re: [8lgm]-Advisory-7.UNIX.passwd.11-May-1994 Pat Myrto (May 13)
    - Re: [8lgm]-Advisory-7.UNIX.passwd.11-May-1994 Gene Spafford (May 13)
    - Re: Time For New Security Package? (was Re: new iss stuff) Mark (May 10)

(Thread continues...)