| To: | Eric Sandeen <sandeen@xxxxxxx> |
|---|---|
| Subject: | Re: FIX: World-writeable files repair script |
| From: | Keith Owens <kaos@xxxxxxxxxxxxxxxxx> |
| Date: | Fri, 03 Aug 2001 10:20:35 +1000 |
| Cc: | linux-xfs@xxxxxxxxxxx |
| In-reply-to: | Your message of "02 Aug 2001 13:50:32 EST." <996778232.17558.9.camel@xxxxxxxxxxxxxxxxxxxxxx> |
| Sender: | owner-linux-xfs@xxxxxxxxxxx |
On 02 Aug 2001 13:50:32 -0500, Eric Sandeen <sandeen@xxxxxxx> wrote: >Here's a script that should fix all the mis-permed files that may be >lurking out there... Sending this out now to get feedback before I >unleash it on the world at large. Add /lib/modules/*/modules.dep. If that file is world writable you have a local root exploit. Due to the kernel bug, this has occurred on Slackware installs. As part of that exploit, people reported that /var/log/wtmp and /var/run/utmp are also created with the wrong mask. Not exploitable AFAIK but you can hide tasks if utmp is world writable. |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: Strage values from FIBMAP on holes or after end of file, utz lehmann |
|---|---|
| Next by Date: | pagebuf in kernel causes abnormal behavior, Thomax |
| Previous by Thread: | Re: FIX: World-writeable files repair script, utz lehmann |
| Next by Thread: | Re: FIX: World-writeable files repair script, Eric Sandeen |
| Indexes: | [Date] [Thread] [Top] [All Lists] |