Bugtraq mailing list archives
Re: [Full-disclosure] Linux kernel source archive vulnerable
From: Christine Kronberg <seeker () shalla de>
Date: Fri, 8 Sep 2006 08:09:51 +0200 (CEST)
On Fri, 8 Sep 2006, Raj Mathur wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1"Hadmut" == Hadmut Danisch <hadmut () danisch de> writes:Hadmut> [snip] Hadmut> When unpacking such an archive, tar also sets the uid, Hadmut> gid, and file permissions given in the tar Hadmut> archive. Unfortunately, plenty of files and directories in Hadmut> that archive are world writable. E.g. in the 2.6.17.11 Hadmut> archive, there are 1201 world writable directories and Hadmut> 19554 world writable files. I wouldn't know if something has changed drastically between 2.6.16 and 2.6.17.11, but: raju@mail:~$ find /usr/src/linux-2.6.16/ -perm -666 ! -type l raju@mail:~$ Not a single world-writable file or directory. Perhaps pre-release kernel tarballs are more lax?
Seems to. I just checked linux-2.6.13 and linux-2.6.17.6. While the first has no world writeable files or directories at all the latter has tons of it. Interesting. Cheers, Chris Kronberg.
Current thread:
- Linux kernel source archive vulnerable Hadmut Danisch (Sep 07)
- Re: [Full-disclosure] Linux kernel source archive vulnerable Raj Mathur (Sep 07)
- Re: [Full-disclosure] Linux kernel source archive vulnerable Hadmut Danisch (Sep 07)
- Re: [Full-disclosure] Linux kernel source archive vulnerable Christine Kronberg (Sep 11)
- R: Linux kernel source archive vulnerable Perego Paolo Franco (Sep 11)
- Re: Linux kernel source archive vulnerable Gerald (Jerry) Carter (Sep 11)
- Re: [Full-disclosure] Linux kernel source archive vulnerable Raj Mathur (Sep 07)