[10075] in bugtraq
Re: Bug in xfs
daemon@ATHENA.MIT.EDU (David Jacobson)
Thu Apr 1 14:01:46 1999
Date: Thu, 1 Apr 1999 10:13:17 +0200
Reply-To: jakes@LEET.ORG
From: David Jacobson <jakes@LEET.ORG>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <Pine.LNX.4.10.9903310449360.8040-100000@rzlin1.ruf.uni-freiburg.de>

On Wed, 31 Mar 1999, Roman Drahtmueller wrote:
> [snip]
> > [lukasz@lt /tmp]$ ls -all /etc/shadow
> > -r-------- 1 root root 544 Mar 30 00:04 /etc/shadow
> [snip]
> > [root@lt /root]# xfs &
> [snip]
> > [lukasz@lt /tmp]$ ls -all /etc/shadow
> > -rwxrwxrwt 1 root root 544 Mar 30 00:04 /etc/shadow
> [snip]
> > Solution: as root, before running xfs, run rm -rf /tmp/.font-unix
>
> For sure this needs to be fixed. Your "solution" introduces a race
> condition, though, if the font server is started when users are
> allowed to log on.
>
> A better interim aid is not to run xfs as root in the first place. In
> fact, why would one want to run things as root if not necessary?
>
> Roman.
> Computer Center University of Freiburg, Germany.
> "The whole world is about three drinks behind." (Humphrey Bogart)
>
I would just like to say that Debian/GNU Linux Potato is not vulnerable to
this xfs vulnerability.
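
Added example, not part of the original thread and not xfs code: one way a root daemon can prepare a directory such as /tmp/.font-unix without the check-then-use race Roman points out in the "rm -rf first" workaround. It assumes the permission change shown on /etc/shadow came from a path in /tmp that the daemon followed; the function names, the sandbox paths and the decoy file are constructed for illustration.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Create or adopt a sticky, world-writable directory at `path` without ever
 * following a symlink planted there. Returns 0 on success, -1 if refused. */
int secure_socket_dir(const char *path)
{
    struct stat st;
    int fd, rc = -1;
    /* mkdir() does not follow a symlink in the last component: it fails with EEXIST. */
    if (mkdir(path, 0700) != 0 && errno != EEXIST)
        return -1;
    /* O_NOFOLLOW refuses a symlink, O_DIRECTORY refuses anything but a directory. */
    fd = open(path, O_RDONLY | O_DIRECTORY | O_NOFOLLOW);
    if (fd < 0)
        return -1;
    /* Check and chmod the object actually opened (by descriptor, not by name),
     * so nothing can be swapped in between the check and the change. */
    if (fstat(fd, &st) == 0 && S_ISDIR(st.st_mode) && st.st_uid == geteuid())
        rc = fchmod(fd, 01777);
    close(fd);
    return rc;
}

/* Constructed sandbox. plant_symlink=1: ".font-unix" is a symlink to a 0400
 * decoy file; returns 1 if the call was refused and the decoy mode is unchanged.
 * plant_symlink=0: returns 1 if a fresh directory ended up with mode 1777. */
int demo(int plant_symlink)
{
    char base[] = "/tmp/fontdemoXXXXXX", decoy[64], dir[64];
    struct stat st;
    if (!mkdtemp(base)) return -1;
    snprintf(decoy, sizeof decoy, "%s/decoy", base);
    snprintf(dir, sizeof dir, "%s/.font-unix", base);
    int fd = open(decoy, O_CREAT | O_WRONLY, 0400);
    if (fd < 0 || fchmod(fd, 0400) != 0) return -1;
    close(fd);
    if (plant_symlink && symlink(decoy, dir) != 0) return -1;
    int rc = secure_socket_dir(dir);
    if (stat(plant_symlink ? decoy : dir, &st) != 0) return -1;
    return plant_symlink ? (rc == -1 && (st.st_mode & 07777) == 0400)
                         : (rc == 0 && (st.st_mode & 07777) == 01777);
}
```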