Re: Solaris 2.x chkperm/arp vulnerabilities

From: Casper Dik (casperat_private)
Date: Fri Dec 03 1999 - 00:19:39 PST


    >Arp bug Verified for my Solaris 5.6 and 5.5.1 Installs.
    >
    >$ uname -a
    >SunOS pangea 5.5.1 Generic_103640-26 sun4u sparc SUNW,Ultra-5_10
    >
    >
    ># uname -a
    >SunOS vapid 5.6 Generic_105181-05 sun4u sparc SUNW,Ultra-5_10
    >#
    >
    >$ ls -l /etc/bin
    >-rw-rw----   1 bin      bin           23 Dec  1 13:54 /etc/bin
    >
    >On both machines I could read bin:bin owned files as a regular joe user with arp
    
    
    You can safely remove the set-gid bin from arp; I'm not sure why it's
    still there or in what cases it needs such privileges.
    
    I don't think group bin ever had any files or devices
    readable only to it; I can't figure out why it was ever made
    set-gid bin.
    
    Casper
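
The fix suggested in the reply above, as an added example that is not part of the original message: a POSIX sh helper that confirms a file is set-gid for a given group, strips only that bit, and verifies the result. The function names are hypothetical and the binary's path is left as a placeholder because the thread does not give it.

```shell
#!/bin/sh
# Added example (not from the original post): audit and strip a set-gid bit.

# list_setgid DIR GROUP
# Print regular files under DIR that carry the set-gid bit and belong to GROUP.
list_setgid() {
    find "$1" -type f -perm -2000 -group "$2" -print
}

# is_setgid FILE GROUP
# Succeed only if FILE is a regular file that is set-gid GROUP.
is_setgid() {
    [ -n "$(find "$1" -prune -type f -perm -2000 -group "$2" -print 2>/dev/null)" ]
}

# strip_setgid FILE GROUP
# Remove the set-gid bit, leaving owner, group and other mode bits untouched.
# Returns 1 if there was nothing to strip, 2 if chmod failed, 3 if the bit
# is still present afterwards.
strip_setgid() {
    if ! is_setgid "$1" "$2"; then
        echo "skip: $1 is not set-gid $2" >&2
        return 1
    fi
    ls -l "$1"                  # record the mode before the change
    chmod g-s "$1" || return 2
    if is_setgid "$1" "$2"; then
        echo "error: set-gid bit still present on $1" >&2
        return 3
    fi
    ls -l "$1"                  # record the mode after the change
}

# Usage, run as root (the path is a placeholder, not taken from the thread):
#   strip_setgid /path/to/arp bin
#   list_setgid /usr bin        # review what else is still set-gid bin
```

A vendor patch or package reinstall can restore the original mode, so rerun the `list_setgid` check after patching.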
    


