> Cops v1.04 (see below for a patch) [...] > All the following bugs can be used to create or overwrite any file on the > system, because these applications run usually under the root id. There's no reason to run COPS as root; indeed, it explicitly says in the docs that you shouldn't. Also, the res_diff bug only affects people running it out of cron (it examines the difference in the last run.) Checkacct & mail.chk are not used in the normal cops run also. (Shame on me for doing this anyway, even if it was almost 10 years ago; I used same-dir temp files for everything else.) I won't comment on satan, 'cuz wietse already did. > closing remarks: I was shocked when I found these bugs. These security tools > have been around since years - and yet nobody had checked this ?? I had found the problems in cops (in res_diff, not the other programs; one wasn't even mine) but never got around to releasing a patch - hardly an earth-shattering problem, IMHO. > If this is a reflection of our security consciousness, well, we are in big > trouble since a long time and things are not getting better (especially with > M$ around) Believe me, the security conciousness of today is light years ahead of where we where back when, which shows you how pathetic things were then. However, it's good to see someone putting effort into these things - keep up the work. dan
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:59:56 PDT