Re: Slackware-7.1 Insecurity in default permission ?!?

[Dan Shinn <danslo () YAHOO COM>]

I believe this is the case with default installs, but after you apply all the patches these
insecure permissions go away. This is from the changelogs:
Thu Aug 24 16:12:55 PDT 2000
Merged package directories for the A and N series.
a1/bash.tgz, bash1.tgz: Patched install script to ensure that a newly-created /etc/shells will be
chmoded 644.

You can view the changelogs at -> http://www.slackware.com/changelog/current.php3
Im not sure if the /usr/info/dir was ever world writeable on my slack box but the shells was and
that was fixed with the install of the new bash.tgz package. This is from slack7.1 with all the
updates and security fixes listed in the changelogs:

slackbox:~# ls -l /etc/shells
-rw-r--r--   1 root     root           70 May  5 08:03 /etc/shells
slackbox:~# ls -l /usr/info/dir
-rw-r--r--   1 root     root         3533 May 16  1994 /usr/info/dir
slackbox:~# cat /etc/slackware-version
7.1.0

Hope this helps.
-dan

__________________________________________________
Do You Yahoo!?
Send instant messages & get email alerts with Yahoo! Messenger.
http://im.yahoo.com/