[519] in linux-announce channel archive


SECURITY: hole in old versions of at for Linux

daemon@ATHENA.MIT.EDU (Lars Wirzenius)
Fri May 5 13:17:48 1995

Date: Fri, 5 May 1995 18:26:34 +0300
From: Lars Wirzenius <wirzeniu@cc.helsinki.fi>
To: linux-activists@niksula.hut.fi, linux-announce@vger.rutgers.edu

X-Mn-Key: announce

Subject: SECURITY: hole in old versions of at for Linux
From: Thomas.Koenig@ciw.uni-karlsruhe.de
Keywords: at atrun security
Newsgroups: comp.os.linux.announce
Organization: ?
Approved: linux-announce@news.ornl.gov (Lars Wirzenius)
Followup-to: comp.os.linux.setup
References:

Earlier versions of my at/atrun package for Linux had a bug which
allowed root access for any authorized user of the system.

This bug can only be exploited if the user can edit a job he's
submitted to the atrun queue.

If 'at -V' shows a version earlier than 2.7, or if the directory
/var/spool/atjobs (or, possibly, /usr/spool/atjobs) is
world-executable, you are vulnerable.

In that case, upgrade your system to at 2.7 or 2.7a immediately.

In the meantime, changing the permissions of /var/spool/atjobs to 700
will prevent unauthorized root access; this may also render the
'at' system unusable.

Non-vulnerable versions of at have been around for about 10
months, and have been included in the standard distributions.
-- 
Thomas Koenig, Thomas.Koenig@ciw.uni-karlsruhe.de, ig25@dkauni2.bitnet.
The joy of engineering is to find a straight line on a double
logarithmic diagram.

--
Send submissions for comp.os.linux.announce to: linux-announce@news.ornl.gov
PLEASE remember Keywords: and a short description of the software.
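
The two conditions named in the advisory above, written as a check an administrator could run. This is an added example, not part of the original post or of the at package; the function names are hypothetical, and the version string is passed in by the caller because the post does not show the output format of 'at -V'.

```shell
#!/bin/sh
# Added example; function names are hypothetical, not from the at package.

# True (0) if $1 is a directory whose "other" execute (search) bit is set.
dir_world_executable() {
    [ -d "$1" ] || return 1
    # -perm -0001 matches when at least the other-execute bit is present.
    [ -n "$(find "$1" -prune -perm -0001 2>/dev/null)" ]
}

# True (0) if version string $1 (e.g. "2.6", "2.7a") is earlier than 2.7.
# Returns 2 if the string cannot be parsed as MAJOR.MINOR.
version_before_2_7() {
    case $1 in *.*) ;; *) return 2 ;; esac
    major=${1%%.*}
    # Keep only the leading digits of the minor part ("7a" -> "7").
    minor=$(printf '%s' "${1#*.}" | sed 's/[^0-9].*$//')
    case $major in ''|*[!0-9]*) return 2 ;; esac
    [ -n "$minor" ] || return 2
    [ "$major" -lt 2 ] || { [ "$major" -eq 2 ] && [ "$minor" -lt 7 ]; }
}

# check_at VERSION DIR...
# Prints each condition that holds; returns 1 if any does, 0 otherwise.
check_at() {
    ver=$1
    shift
    vulnerable=0
    if version_before_2_7 "$ver"; then
        echo "at version $ver is earlier than 2.7"
        vulnerable=1
    fi
    for d in "$@"; do
        if dir_world_executable "$d"; then
            echo "$d is world-executable"
            vulnerable=1
        fi
    done
    return "$vulnerable"
}

# Usage, with the version read from 'at -V' and the paths from the advisory:
#   check_at 2.6 /var/spool/atjobs /usr/spool/atjobs
```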

