Re: wordperfect 8 for linux security

From: Keith Owens (kaosat_private)
Date: Fri Dec 18 1998 - 23:53:09 PST

Next message: Philip Stoev: "ValueClick CGI Vulnerability"

Previous message: Dr. Mudge: "Re: OSS nice tmp race"
Maybe in reply to: Edsel Adap: "wordperfect 8 for linux security"
Next in thread: Peter W: "Re: wordperfect 8 for linux security"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 18 Dec 1998 11:47:45 -0500,
Edsel Adap <adapat_private> wrote:
>When wordperfect 8 is installed it creates a /tmp/wpc-<hostname>
>directory with permissions 777.  And all files inside of it are mode
>666.  And when these files are created, symlinks are followed.

Worse that that.  Even if you delete the wpc-<hostname> file, the next
time you run wpc it creates it again.  So do not run wp8 under any
powerful userid.

Next message: Philip Stoev: "ValueClick CGI Vulnerability"
Previous message: Dr. Mudge: "Re: OSS nice tmp race"
Maybe in reply to: Edsel Adap: "wordperfect 8 for linux security"
Next in thread: Peter W: "Re: wordperfect 8 for linux security"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:25:15 PDT