Re: Large security hole in SGI IRIX 5.2

Dave Schweisguth (dcs@proton.chem.yale.edu)
Fri, 3 Mar 1995 20:00:21 -0500 (EST)

Christian A. Ratliff wrote:
> The [IRIX /usr/lib/desktop/permissions] hole comes from the authentication
> being at the _dirview_ (an SGI directory browser) level. You can only pull
> up 'permissions' when the menu item is not grayed out. If you run
> 'permissions' by hand, you eliminate that check and have root access to the
> permissions on a file.

That isn't true here. If I run /usr/lib/desktop/permissions by hand and try
to do something I shouldn't, it asks me for the root password. There may well
be some way to trick it, but it's not that obvious (especially since I don't
use the thing; it's the boring half of chmod). IRIX 5.3, if it matters.

Cheers,

-- 
| Dave Schweisguth    Internet: dcs@proton.chem.yale.edu   MIME spoken here |
| Yale Depts. of MB&B & Chemistry   Phone: 203-432-5208   Fax: 203-432-6144 |
| For complying with the NJ Right To Know Act:  Contents partially unknown. |