[87] in linux-security and linux-alert archive


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Secure setup for file transfer

daemon@ATHENA.MIT.EDU (Elias Levy)
Thu Mar 9 21:07:31 1995

Date: Thu, 9 Mar 1995 15:11:26 -0800 (PST)
From: Elias Levy <elias@power.net>
To: linux-security@tarsier.cv.nrao.edu
In-Reply-To: <Pine.HPP.3.90.950308233138.13403A-100000@central.surrey.ac.uk>
Reply-To: linux-security@tarsier.cv.nrao.edu

On Wed, 8 Mar 1995, Mr Martin J Hargreaves wrote:

> 
> 	Is this list going to be full disclosue like bugtraq? If so can 
> we have details? Otherwise do you have a fix (other than only running 
> SVGAlib programs as root).
> 
> 		M.

SuperProbe, X, SVGAlib, and other programs shuld not be run setuid root.
This allows anyone telneted into the system to screw up your console.
root should install these programs, and if your logged in the console as
someone other than root you should have permissions to start X, etc. 
Therefore the setuid bit in this programs are usually not needed.

elias@power.net (Elias Levy)
PowerNet, Inc.


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[87] in linux-security and linux-alert archive

Re: Secure setup for file transfer

daemon@ATHENA.MIT.EDU (Elias Levy)Thu Mar 9 21:07:31 1995

daemon@ATHENA.MIT.EDU (Elias Levy)
Thu Mar 9 21:07:31 1995