Re: chmod 000 .rhosts - works?

Pat Myrto (rwing!pat@ole.cdac.com)
Wed, 19 Oct 94 7:21:37 PDT

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: F. L. Charles Seeger III: "Re: Internet Worm"
Previous message: John Abreau: "Re: chmod 000 .rhosts - works?"
In reply to: John Abreau: "Re: chmod 000 .rhosts - works?"
Next in thread: Supak Lailert \: "Re: Internet Worm"

"In the previous message, John Abreau said..."
> 
> I'd think the most straightforward fix would be to replace the uses of 
> system(...) in the source. In the example above, replace
> 	system("mkdir foo");
> with
> 	mkdir("foo", 0700);
> 
> (This assumes, of course, that you have sources...)

Unfortunately, most don't, so if a patch isn't available, one must
do creative things with privs and perms (or disable expreserve) to
fix it.

Its amazing that bug still remains, as widely known as it is and as old
as it is.  Practically every OS vendor has some kind of patch for it,
yet continue to not fix it in subsequent releases.  Makes one wonder.
Perhaps a few people sent 'to the bullet-riddled wall' for using system()
at full SUID privs in a SUID program would reduce such usage in the
future... :-)

-- 
pat@rwing  [If all fails, try:  rwing!pat@eskimo.com]  Pat Myrto - Seattle WA
"No one has the right to destroy another person's belief by demanding
empirical evidence."  --   Ann Landers, nationally syndicated advice columnist
and Director at Handgun Control Inc.

Next message: F. L. Charles Seeger III: "Re: Internet Worm"
Previous message: John Abreau: "Re: chmod 000 .rhosts - works?"
In reply to: John Abreau: "Re: chmod 000 .rhosts - works?"
Next in thread: Supak Lailert \: "Re: Internet Worm"