Re: [Stan Bubrouski <satan () FASTDIAL NET>: Re: rh 6.2 - gid compromises, etc [+ MORE!!!]]

[fdc () COLUMBIA EDU (Frank da Cruz)]

> Ya know the sad thing is I pointed out these problems in
> bugzilla posts the gkermit being sgid uucp I reported
> two+ weeks ago.  No response.  My description of the
> gkermit bug which I reported couple weeks ago can be
> found here:
> http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=11870
Hi all.  I'm the author of gkermit, and this is the first
I've heard of any of this (your message was forwarded to
me by somebody who saw it on a mailing list).  The author /
support contact address is listed in the usage message and the
man page; as a matter of courtesy, it should be included in
bug reports.

So who said gkermit should be installed suid or sgid?  It
shouldn't.  It does not need privileges for anything.  The
documetantion says so:

  The makefile creates a binary called "gkermit". Simply
  move this binary to the desired directory, such as
  /usr/local/bin. It needs no special permissions other than
  read, write, and execute for the desired users and groups:
  no setuid, no setgid, or any other form of privilege.

This is from:

  http://www.columbia.edu/kermit/gkermit.html

> The C-Kermit package that comes on the Powertools CD with
> Red Hat 6.2 is installed sgid uucp as well and contains
> a plethera of unchecked buffers than can be used to run
> commands as gid uucp. Details can be found here:
> http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=11723
This one is news too and, again, I'd appreciate receiving
reports like this.  Of course I'll follow up on it.  There
might be a couple unchecked buffers, but there is not a
plethora of them.  A great deal of effort has gone into
pre-checking buffer copy operations, and if some places
were missed they can be fixed.

Frank da Cruz
The Kermit Project
Columbia University
612 West 115th Street
New York NY  10025-7799
USA
Email: fdc () columbia edu
Web:   http://www.columbia.edu/kermit/