[245] in linux-security and linux-alert archive
Re: switching symlinks on atrun
daemon@ATHENA.MIT.EDU (Thomas Koenig)
Fri May 26 04:50:51 1995
To: shields@tembel.org (Michael Shields)
Date: Thu, 25 May 1995 11:29:23 +0200 (MET DST)
Cc: Thomas.Koenig@ciw.uni-karlsruhe.de, linux-security@tarsier.cv.nrao.edu
In-Reply-To: <m0sETP6-000DOnC@yage.tembel.org> from "Michael Shields" at May 25, 95 03:16:08 am
From: Thomas.Koenig@ciw.uni-karlsruhe.de (Thomas Koenig)
>
> > /var/spool/atrun is owned by a non-root userid, usually bin.
> >
> > If somebody broke into bin, he could then execute a shell script
> > owned by root with root permissions, via a
>
> But lots of things are owned by bin. /bin/sh is probably owned by bin.
> If you have bin, you can get root, at or no at.
Ugh... they should not be. Unless some system binary needs to be setuid
to a particular userid, it should ALWAYS be owned by root, for exactly
this reason.
--
Thomas Koenig, Thomas.Koenig@ciw.uni-karlsruhe.de, ig25@dkauni2.bitnet.
The joy of engineering is to find a straight line on a double
logarithmic diagram.
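
Added example, not part of the original message or of any at/atrun code: a small audit of the rule stated above, reporting directories and regular files not owned by root while exempting binaries that are setuid to a particular userid. The names classify and audit, the trusted_uid parameter and the default directory list are assumptions made for this illustration.

```python
import os
import stat
import sys

def classify(mode, uid, trusted_uid=0):
    """Judge one lstat() result; return a finding name or None if acceptable."""
    if uid == trusted_uid or stat.S_ISLNK(mode):
        # A symlink's own owner is not the issue; whoever owns the directory
        # holding it can swap it, and directories are checked below.
        return None
    if stat.S_ISDIR(mode):
        return "dir-owner"
    if stat.S_ISREG(mode):
        # The post's one exception: a binary that is setuid to a particular
        # userid has to be owned by that userid.
        return None if mode & stat.S_ISUID else "file-owner"
    return None

def audit(root, trusted_uid=0):
    """Walk root without following symlinks; return (path, finding, uid) tuples."""
    paths = [root]
    for dirpath, dirnames, filenames in os.walk(root):
        paths.extend(os.path.join(dirpath, n) for n in sorted(dirnames + filenames))
    findings = []
    for path in paths:
        try:
            st = os.lstat(path)
        except OSError:
            continue  # entry vanished or is unreadable
        finding = classify(st.st_mode, st.st_uid, trusted_uid)
        if finding:
            findings.append((path, finding, st.st_uid))
    return findings

if __name__ == "__main__":
    # Default directories are assumptions; pass your own on the command line.
    for root in sys.argv[1:] or ["/bin", "/sbin", "/usr/bin", "/usr/sbin"]:
        for path, finding, uid in audit(root):
            print(f"{finding}\tuid={uid}\t{path}")
```

Running it against a spool directory such as /var/spool/atrun reports the directory itself when a non-root userid owns it, which is the condition the thread is about.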