Re: Slackware-7.1 Insecurity in default permission ?!?

[Brian Poole <raj () CERIAS PURDUE EDU>]

I had noticed the shells permissions being wrong a while back. Guess I
hadn't noticed that it hadn't been publically announced. It was fixed
shortly after release if you look at the -current ChangeLog,
http://www.slackware.com/changelog/current.php3, however it doesn't have a
'(* Security fix *)' by it, nor was there ever an email about it to
slackware-security. The fix appears to be an addition to the doinst.sh in
the bash & bash1 packages (a1/).

Don't see anything about /usr/info/dir but haven't looked at it much
myself. Mine has identical permissions (7.1). It is part of the
texinfo.tgz (ap1/) package, which hasn't changed from 7.1 to -current, so
if there is a bug it would appear to still exist.


-b

On Fri, 22 Sep 2000, Fabio Pietrosanti (naif) wrote:
> 123655    1 -rw-rw-rw-   1 root     root          744 Sep 21 22:52
> /usr/info/dir
> 153123    1 -rw-rw-rw-   1 root     root           49 Sep 21 22:51
> /etc/shells
>
> Does someone may verify it on other slackware-7.1 distribution?