Full Disclosure mailing list archives
Re: VMware server (2.0.2) insecure file creation
From: Valdis.Kletnieks () vt edu
Date: Thu, 07 Jan 2010 11:53:09 -0500
On Wed, 06 Jan 2010 11:07:07 -0400, dd () sucuri net said:
Have anyone noticed that the files created by the VMware server installer all have the 777 permissions to it?
Check your umask? % ls -l /usr/lib/vmware/hostd/docroot/print.css -r--r--r--. 1 root root 793 Dec 21 16:08 /usr/lib/vmware/hostd/docroot/print.css I'm running with 'umask 022' - is yours set to 0? (Yes, the install script *should* set the umask itself).
Attachment:
_bin
Description:
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- VMware server (2.0.2) insecure file creation dd (Jan 07)
- Re: VMware server (2.0.2) insecure file creation Valdis . Kletnieks (Jan 07)