Re: BUGTRAQ ALERT: Solaris 2.x vulnerability
Wolfgang Ley (ley@cert.dfn.de)
Tue, 15 Aug 1995 16:36:59 +0200
-----BEGIN PGP SIGNED MESSAGE-----
Darren Reed wrote:
>
> In some mail from Scott Chasin, sie said:
> [...]
> > The following is a bootup script should be added to ensure that
> > the sticky bit stays.
> >
> > This file should be called /etc/rc3.d/S79tmpfix
> [...]
>
> If you look closely at the rc scripts, you'll notice that S05RMTMPFILES
> is meant to do all this.
>
> Obviously, it doesn't.
>
> This script file is disfunctional, as far as I can tell. It doesn't
> even do what it says, mostly it relies on tmpfs being used.
The problem with the script is, that is only clears (and chmod()'s)
/tmp if it is not a mount point. So if you don't have /tmp on your root
partition it won't work...
The problem line:
M=`/sbin/mount | /usr/bin/egrep '^/tmp(/| )' | /usr/bin/wc -l`
if [ $M -eq 0 ]
...
If you do have /tmp on a separate partition nothing will be done.
Bye,
Wolfgang.
- --
- ----------------------------------------------------------------------
Wolfgang Ley, DFN-CERT, Vogt-Koelln-Str. 30, 22527 Hamburg, Germany
Email: ley@cert.dfn.de Phone: +49 40 54715-262 Fax: +49 40 54715-241
PGP-Key available via finger ley@ftp.cert.dfn.de any key-server or via
WWW from http://www.cert.dfn.de/~ley/ ...have a nice day
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i
iQCVAwUBMDCxAAQmfXmOCknRAQGBnAQAqsF8czzosG14GVpx4VtL2owAdjiruoYx
9u/bvKeAJ9yJzbHRBpzISN+rh1KYDYbJCNwmBnSU7YzvzwCDQHF9GYfEQwfTFMZ4
QGVJyjhyK0Rk32xc8nifmsp3OHHmEg3KRUFIjttRSAshXJdVaEgROsaHDBQm3xNS
38O+wGzdTnw=
=iSYV
-----END PGP SIGNATURE-----