Re: permission probs with Arkeia

From: Bryan K. Watson (bwatsonat_private)
Date: Wed Jul 25 2001 - 10:56:37 PDT

Next message: Martin Elster: "Re: Telnetd AYT overflow scanner"

Previous message: Grzegorz Mucha: "Re: Firewall-1 Information leak"
In reply to: Thomas Broniecki: "RE: permission probs with Arkeia"
Next in thread: Thomas Broniecki: "RE: permission probs with Arkeia"
Next in thread: Daniel Wittenberg: "Re: permission probs with Arkeia"
Reply: Thomas Broniecki: "RE: permission probs with Arkeia"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I have tested this and I can read the contents of all database files as
an unprivileged user in our ARKEIA servers.  So if I can get all
directory information from the ARKEIA backup trees, and I can get the
filenames from the database files, then I can launch specific exploits
to grab the files that I am interested in...dangerous, considering that
most cracking takes place from within the company according to published
stats.

-Bryan

Thomas Broniecki wrote:
> 
> I'm running commercial version arkeia-server v4.2.8-2, arkeia-client
> v4.2.15-1 on RedHat 6.2 w/ kernel 2.2.19. NLSERVD is run by root and all my
> permissions are 755 in the /usr/knox/arkeia/dbase directory. I have not
> noticed a permissions issue with my backup server dbase file sets.
> 
> Check to see if NLSERVD is run by root. who is the owner and group of the
> directory dbase/?
> 
> tb.
>

Next message: Martin Elster: "Re: Telnetd AYT overflow scanner"
Previous message: Grzegorz Mucha: "Re: Firewall-1 Information leak"
In reply to: Thomas Broniecki: "RE: permission probs with Arkeia"
Next in thread: Thomas Broniecki: "RE: permission probs with Arkeia"
Next in thread: Daniel Wittenberg: "Re: permission probs with Arkeia"
Reply: Thomas Broniecki: "RE: permission probs with Arkeia"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Jul 25 2001 - 12:41:28 PDT