PLEASE REPOST SECURITY HOLE PROBLEM AND SOLUTION


Post by Keith L » Wed, 14 Jun 1995 04:00:00



I just picked up on this thread, and none of the available previous
messages state what exactly is the hole.  Can somebody please summarize
the problem, how it is accomplished, and the fix?  Many thanks.

keith

--
------------------------------------------------------------------------------

WWW:  http://www.cdf.toronto.edu/cgi-bin/hpp?K.Luk.html

 
 
 

1. REPOST: SECURITY: hole in old versions of at for Linux

Earlier versions of my at/atrun package for Linux had a bug which
allowed root access for any authorized user of the system.

This bug can only be exploited if the user can edit a job he's
submitted to the atrun queue.

If 'at -V' shows a version earlier than 2.7, or if the directory
/var/spool/atjobs (or, possibly, /usr/spool/atjobs) is
world-executable, you are vulnerable.

In that case, upgrade your system to at 2.7 or 2.7a immediately.

In the meantime, changing the permissions of /var/spool/atjobs to 700
will prevent unauthorized root access; this may also render the
'at' system unusable.

Non-vulnerable versions of at have been around for about 10
months, and have been included in the standard distributions.
--

The joy of engineering is to find a straight line on a double
logarithmic diagram.

--

PLEASE remember Keywords: and a short description of the software.
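
The two conditions named in the advisory above (an 'at -V' version earlier than 2.7, or a world-executable spool directory), written as a check script. This is an added example, not part of the original post or of the at package; the function names are hypothetical, and it assumes the version appears as MAJOR.MINOR somewhere in the 'at -V' output.

```shell
#!/bin/sh
# Added example: the two vulnerability conditions from the advisory.

# 0 = earlier than 2.7, 1 = 2.7 or later, 2 = version not recognised.
# Assumption: the version appears as MAJOR.MINOR somewhere in the string.
at_version_is_old() {
    ver=$(printf '%s\n' "$1" |
        sed -n 's/^[^0-9]*\([0-9][0-9]*\)\.\([0-9][0-9]*\).*/\1 \2/p' | head -n 1)
    [ -n "$ver" ] || return 2
    set -- $ver                       # $1 = major, $2 = minor
    if [ "$1" -lt 2 ]; then return 0; fi
    if [ "$1" -eq 2 ] && [ "$2" -lt 7 ]; then return 0; fi
    return 1
}

# 0 = DIR has the world-execute (search) bit, 1 = it does not, 2 = no such dir.
dir_is_world_executable() {
    [ -d "$1" ] || return 2
    # 10th character of the ls mode string is the "other" execute slot;
    # "t" means sticky plus execute, "T" means sticky without execute.
    case "$(ls -ld "$1" | cut -c10)" in
        x|t) return 0 ;;
        *)   return 1 ;;
    esac
}

# usage: at_is_vulnerable VERSION_STRING SPOOL_DIR...
# 0 if either condition holds; an unrecognised version is flagged as well.
at_is_vulnerable() {
    rc=0
    at_version_is_old "$1" || rc=$?
    if [ "$rc" -ne 1 ]; then return 0; fi
    shift
    for d in "$@"; do
        if dir_is_world_executable "$d"; then return 0; fi
    done
    return 1
}

# Demo on a constructed scratch directory, not the real spool.
# Real use: at_is_vulnerable "$(at -V 2>&1)" /var/spool/atjobs /usr/spool/atjobs
demo=$(mktemp -d)
chmod 711 "$demo"
at_is_vulnerable "2.7a" "$demo" && echo "mode 711: flagged"
chmod 700 "$demo"                     # interim mitigation from the advisory
at_is_vulnerable "2.7a" "$demo" || echo "mode 700: not flagged"
rmdir "$demo"
```

A spool directory that does not exist is skipped, so both candidate paths from the advisory can be passed in one call.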
