FozZy, I am sorry, but I might be misunderstanging what you are saying. If you change the filepermission in unix/linux, to readable by world, yeah, they can see file names and the files. BUt you seem to be talking about changing the permissions at the directory level, and not the file level (admittedly, yse, directory is a file). I don't understand about the deleted files that you mention as being readable, after they are deleted. While you can say this is not a new vulnerability, if this really is how things aer working today, then this is a re-occurance of an old and known vulnerabiliity that was fixed at least at one time. I am going to have to spend some time testing this to see if it is repeatable with file level permissions and directory level - and deleted files. If it is, this is a problem on at least small systems and maybe on large ones too. thanks!! bob
This archive was generated by hypermail 2b30 : Sat Jun 22 2002 - 22:21:13 PDT