Re: another /usr/dt/bin/dtappgather feature!

[casper () HOLLAND SUN COM (Casper Dik)]

> There's attached the message related to this new feature..
> the /usr/dt/bin/dtappgather program tries to read the enviroment variable
> $DTUSERSESSION to get the name of the file to seek for.
> The file is searched in /var/dt/appconfig/appmanager.
> Under SunOS 5.5,5.5.1 (aka Solaris 2.5, 2.5.1) that directory is 777 or
> 01777 so you're able to make a simbolic link to the file you wish, but on
> SunOS 5.6 (Solaris 2.6) the directory is 755 to avoid this.
> Unfortunately the dtappgather never check the $DTUSERSESSION variable, so
> you can use the syntax ../../.. etc... to grab the file you wish, even if
> you can't write the /var/dt/appconfig/appmanager directory....


Unless I'm very much mistaken, this is fixed in Solaris 7 as well as
with the following Solaris 2.x patches:

104497-04: CDE 1.0.1: dtappgather patch
104498-04: CDE 1.0.2: dtappgather patch
104499-04: CDE 1.0.1_x86: dtappgather patch
104500-04: CDE 1.0.2_x86: dtappgather patch
105837-02: CDE 1.2: dtappgather Patch
105838-02: CDE 1.2_x86: dtappgather Patch

(Released in March & June this year)

For /var/dt permissions, you need:

103882-08: CDE 1.0.2: dtlogin patch for login authentication issues
103884-06: CDE 1.0.1: dtlogin patch
103885-06: CDE 1.0.1_x86: dtlogin patch
103886-07: CDE 1.0.2_x86: dtlogin patch for login authentication issues

This was fixed in 2.6, but you still need to apply the following for other
problems:
105703-07: CDE 1.2: dtlogin patch
105704-07: CDE 1.2_x86: dtlogin patch


I'm not 100% sure the 2.5* patches will correct the permissions on
existing directories.  They will create new directories with the proper
permissions.



Casper