Vulnerability Development mailing list archives
Re: Slackware-7.1 Insecurity in default permission ?!?
From: Brian Poole <raj () CERIAS PURDUE EDU>
Date: Sun, 24 Sep 2000 03:38:31 -0500
I had noticed the shells permissions being wrong a while back. Guess I hadn't noticed that it hadn't been publically announced. It was fixed shortly after release if you look at the -current ChangeLog, http://www.slackware.com/changelog/current.php3, however it doesn't have a '(* Security fix *)' by it, nor was there ever an email about it to slackware-security. The fix appears to be an addition to the doinst.sh in the bash & bash1 packages (a1/). Don't see anything about /usr/info/dir but haven't looked at it much myself. Mine has identical permissions (7.1). It is part of the texinfo.tgz (ap1/) package, which hasn't changed from 7.1 to -current, so if there is a bug it would appear to still exist. -b On Fri, 22 Sep 2000, Fabio Pietrosanti (naif) wrote:
123655 1 -rw-rw-rw- 1 root root 744 Sep 21 22:52 /usr/info/dir 153123 1 -rw-rw-rw- 1 root root 49 Sep 21 22:51 /etc/shells Does someone may verify it on other slackware-7.1 distribution?
Current thread:
- Slackware-7.1 Insecurity in default permission ?!? Fabio Pietrosanti (naif) (Sep 23)
- Re: Slackware-7.1 Insecurity in default permission ?!? Vitaly McLain (Sep 24)
- Re: Slackware-7.1 Insecurity in default permission ?!? Ron DuFresne (Sep 24)
- Re: Slackware-7.1 Insecurity in default permission ?!? KATZ,JONATHAN ERIC (Sep 24)
- Re: Slackware-7.1 Insecurity in default permission ?!? Brian Poole (Sep 24)
- Re: Slackware-7.1 Insecurity in default permission ?!? Eduardo Cruz (Sep 24)
- Re: Slackware-7.1 Insecurity in default permission ?!? White Vampire (Sep 24)
- Re: Slackware-7.1 Insecurity in default permission ?!? H D Moore (Sep 24)
- Re: Slackware-7.1 Insecurity in default permission ?!? David Carrick (Sep 24)
- Re: Slackware-7.1 Insecurity in default permission ?!? generic (Sep 24)
- <Possible follow-ups>
- Re: Slackware-7.1 Insecurity in default permission ?!? Dan Shinn (Sep 24)