Vulnerability Development mailing list archives
Re: spying (deleted) file entries in other users' directories
From: bad bob <sfmc68 () bellatlantic net>
Date: Sat, 22 Jun 2002 21:36:21 -0400
FozZy, I am sorry, but I might be misunderstanging what you are saying. If you change the filepermission in unix/linux, to readable by world, yeah, they can see file names and the files. BUt you seem to be talking about changing the permissions at the directory level, and not the file level (admittedly, yse, directory is a file). I don't understand about the deleted files that you mention as being readable, after they are deleted. While you can say this is not a new vulnerability, if this really is how things aer working today, then this is a re-occurance of an old and known vulnerabiliity that was fixed at least at one time. I am going to have to spend some time testing this to see if it is repeatable with file level permissions and directory level - and deleted files. If it is, this is a problem on at least small systems and maybe on large ones too. thanks!! bob
Current thread:
- spying (deleted) file entries in other users' directories FozZy (Jun 22)
- Re: spying (deleted) file entries in other users' directories bad bob (Jun 22)
- Re: spying (deleted) file entries in other users' directories FozZy (Jun 23)
- Re: spying (deleted) file entries in other users' directories bad bob (Jun 23)
- Re: spying (deleted) file entries in other users' directories FozZy (Jun 23)
- Re: spying (deleted) file entries in other users' directories D.C. van Moolenbroek (Jun 24)
- Re: spying (deleted) file entries in other users' directories Valdis . Kletnieks (Jun 26)
- Re: spying (deleted) file entries in other users' directories Robert Bihlmeyer (Jun 26)
- RE: spying (deleted) file entries in other users' directories Maximiliano PĂ©rez (Jun 28)
- Re: spying (deleted) file entries in other users' directories bad bob (Jun 22)