On Fri, Jun 29, 2001 at 10:14:23PM +1000, Peter Tonoli wrote: > I've just looked into the root of a machine we have here. Not an upgrade > from OS 9. Started with install off the release cd, and now 10.0.4 is > installed. Seems the following have write access by any user, by default. > > drwxrwxrwx 21 root wheel 670 Jun 19 10:06 Applications (Mac OS 9) > -rwxrwxrwx 1 root wheel 942080 Jun 26 11:03 Desktop DB > -rwxrwxrwx 1 root wheel 2831842 Jun 26 09:17 Desktop DF > drwxrwxrwx 3 root staff 58 Jun 29 21:51 Desktop Folder > drwxrwxrwx 11 root wheel 330 May 29 10:33 Documents > -rwxrwxrwx 1 root wheel 0 May 30 13:33 Late Breaking News > drwxrwxrwx 49 root wheel 1622 Jun 28 14:29 System Folder > drwxrwxrwx 3 xxxxxx admin 264 Jun 28 14:40 Temporary Items > drwxrwxrwx 2 root wheel 264 May 28 12:30 TheFindByContentFolder > drwxrwxrwx 4 root wheel 264 May 7 10:12 TheVolumeSettingsFolder > drwxrwxrwx 2 root wheel 264 Jun 28 14:29 Trash > -rwxrwxrwx 1 root wheel 547356672 Jun 28 14:26 VM Storage All files and directories created by MacOS will have 0777 permissions on the OSX side. > xxxxx is currently logged in. "VM Storage" is an interesting one. Running > strings on it gets about 500 outputs of "ISP_Guard_Page", so I assume > there's some sort of protection scheme happening there. I don't see what's > stopping trojans being installed in Applications, considering it's > writable to all and sundry. the VM Storage file is the MacOS (not OSX) swapfile, i think everyone knows the implications of world readable (much less writable) swap files. -- Ethan Benson http://www.alaska.net/~erbenson/
This archive was generated by hypermail 2b30 : Mon Jul 02 2001 - 01:23:12 PDT