After talking to the people in Oracle's security group, I've realized that it is impossible to get an answer regarding what programs in particular are still setuid-anything/setgid-anything in the latest versions of Oracle with all the supported patches installed. When I take a look at the Oracle-provided remove-suid-bits-script, I notice: EXECS_NOT_TO_UNSET="oracle dbsnmp" Which makes it so that my exploit (for dbsnmp) and all others involving dbsnmp will still work. What do the newer patches do to prevent the problems of old? From what I've read on the Oracle support page, the "oracle" program MUST be setuid-oracle if it is in a multi-user environment, and doesn't that have just as many file-access problems as dbsnmp? Brock Tellier UNIX Systems Administrator Organic Inc. www.organic.com USA, IL, Chicago ____________________________________________________________________ Get free email and a permanent address at http://www.netaddress.com/?N=1
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:13:58 PDT