home *** CD-ROM | disk | FTP | other *** search
/ NetNews Usenet Archive 1992 #16 / NN_1992_16.iso / spool / comp / security / misc / 756 < prev    next >
Encoding:
Internet Message Format  |  1992-07-21  |  871 b 
  1. Path: sparky!uunet!zaphod.mps.ohio-state.edu!moe.ksu.ksu.edu!math.ksu.edu!deadend
  2. From: tar@math.ksu.edu (Tim Ramsey)
  3. Newsgroups: comp.security.misc
  4. Subject: Re: root-owned world-writable files
  5. Date: 21 Jul 1992 16:00:16 -0500
  6. Organization: Dept. of Mathematics, Kansas State University
  7. Lines: 13
  8. Message-ID: <14htt0INNiep@hilbert.math.ksu.edu>
  9. References: <62524@cup.portal.com> <1992Jul21.201056.662@newshost.lanl.gov>
  10. NNTP-Posting-Host: hilbert.math.ksu.edu
  11.  
  12. jfowler@beta.lanl.gov (John C. Fowler) writes:
  13.  
  14. >Only if the system trusts the contents of the file, or root executes it,
  15.  
  16. How do you get a complete list of files that are trusted by root, or by
  17. programs that root trusts (that is, are setuid root)?
  18.  
  19. Much easier to simply not have world-writable files owned by root.
  20.  
  21. -- 
  22.     Tim Ramsey, 913.532.6750
  23.     Department of Mathematics
  24.     Kansas State University
  25.