Vulnerability Development mailing list archives

Re: /lib/ld-2.2.4.so

From: "Kurt Seifried" <bugtraq () seifried org>
Date: Wed, 24 Apr 2002 20:40:13 -0600

/tmp
/var/tmp (sometimes a symlink to /tmp)
/home
/var/spool/mail/username

Mail queue injection dir on some systems is world writeable and readable.

Various X games have score files that can be written to/read from.

Many 3rd party software packages create world readable/writeable files and
directories:

find / -type f -perm +002

find / -type d -perm +002

Lotsa places. Hence the importance of segregating areas users can write to,
directly (/tmp) or indirectly (/var/log).

Kurt Seifried, kurt () seifried org
A15B BEE5 B391 B9AD B0EF
AEB0 AD63 0B4E AD56 E574
http://seifried.org/security/
http://www.iDefense.com/

Current thread:

/lib/ld-2.2.4.so Sabau Daniel (Apr 22)
- RE: /lib/ld-2.2.4.so Tech Support (Apr 24)
  - Re: /lib/ld-2.2.4.so Marlon Jabbur (Apr 24)
- Re: /lib/ld-2.2.4.so Eric Rostetter (Apr 24)
- Re: /lib/ld-2.2.4.so Olaf Kirch (Apr 24)
  - Re: /lib/ld-2.2.4.so Bill Weiss (Apr 24)
    - Re: /lib/ld-2.2.4.so Kurt Seifried (Apr 25)
    - Re: /lib/ld-2.2.4.so Robert A. Seace (Apr 25)
    - nobody suid shell (kind of relationship with the ld-2.2.4 thread...) Anibal Ambertin (Apr 26)
    - Re: nobody suid shell (kind of relationship with the ld-2.2.4 thread...) c0n (Apr 26)
    - Re: nobody suid shell (kind of relationship with the ld-2.2.4 thread...) Bill Weiss (Apr 26)
    - Re: nobody suid shell (kind of relationship with the ld-2.2.4 thread...) Jim Nanney (Apr 26)
    - Re: /lib/ld-2.2.4.so Florian Weimer (Apr 26)
  - Re: /lib/ld-2.2.4.so FozZy (Apr 24)
    - RE: /lib/ld-2.2.4.so Tech Support (Apr 25)
    - Re: /lib/ld-2.2.4.so SpaceWalker (Apr 26)
    - Re: /lib/ld-2.2.4.so Michal Zalewski (Apr 25)

(Thread continues...)