Vulnerability Development mailing list archives

Re: slocate bug.

From: "Larry W. Cashdollar" <lwc () vapid dhs org>
Date: Sat, 16 Feb 2002 12:50:26 -0500 (EST)



On Fri, 15 Feb 2002, Kurt Seifried wrote:

[seifried@vomit seifried]$ ls -l /usr/bin/slocate
-rwxr-sr-x    1 root     slocate     25020 Jun 25  2001 /usr/bin/slocate

I am group slocate. I can write to slocate binary. root runs slocate (well,
locate, which is a link to slocate). I think that might be a problem.


The group write permission bit isn't set on the slocate binary so you cant
write to it, and if your using a binary to write over itself aren't you
going to get a text file busy error?

-- larry

Current thread:

slocate bug. Ehud Tenenbaum (Feb 14)
- Re: slocate bug. KF (Feb 14)
  - Re: slocate bug. Rodrigo Barbosa (Feb 15)
    - Re: slocate bug. Guilherme Mesquita (Feb 15)
    - Re: slocate bug. Kurt Seifried (Feb 16)
    - Re: slocate bug. Larry W. Cashdollar (Feb 16)
    - Re: slocate bug. Kurt Seifried (Feb 16)
    - Re: slocate bug. Larry W. Cashdollar (Feb 16)
    - Re: slocate bug. Larry W. Cashdollar (Feb 17)
    - Re: slocate bug. Rodrigo Barbosa (Feb 21)
    - Re: slocate bug. Rodrigo Barbosa (Feb 21)
  - RE: slocate bug. John Adair (Feb 15)
- <Possible follow-ups>
- Re: slocate bug. jaytee () email it (Feb 14)
- Re: slocate bug. Wodahs Latigid (Feb 15)
  - Re: slocate bug. Rodrigo Barbosa (Feb 20)
- Re: slocate bug. Wodahs Latigid (Feb 21)

(Thread continues...)