[10897] in bugtraq
Re: Cabletron Spectrum security vulnerability
daemon@ATHENA.MIT.EDU (Dave Plonka)
Thu Jun 24 17:12:06 1999
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-Id: <19990624120137.23989@doit.wisc.edu>
Date: Thu, 24 Jun 1999 12:01:37 -0500
Reply-To: plonka@doit.wisc.edu
From: Dave Plonka <plonka@DOIT.WISC.EDU>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <7DF40C8D8893D21184940008C709AAFC16560D@corp-exc4.ctron.com>;
from Miscioscia, George M on Thu, Jun 24, 1999 at 12:24:00AM -0400
On Thu, Jun 24, 1999 at 12:24:00AM -0400, Miscioscia, George M wrote:
> Spectrum users,
>
> This statement is not entirely true...
>
> "The writable directories include those containing the Spectrum executables,
> at least one of which is, and apparently must be, run as "root" during
> normal operation of the product."
>
> Although certain directories are made writable, the SpectroSERVER executable
> need only run once as "root".
The one Spectrum executable to which I was referring (but didn't name)
when I said "apparently must be run as root" is "processd", not
"SpectroSERVER".
processd, which is an inetd-like process, must be run as root because
only a root-owned process can arbitrarily launch child processes that can
subsequently setuid(2) to become other users such as "spectrum".
I know of no one who normally runs SpectroSERVER as root, and do not claim
that it has anything to do with the aforementioned vulnerability.
As an aside:
My original posting to start this thread went to two mailing lists
simultaneously: "spectrum@po.cwru.edu" and "bugtraq.org". Me thinks
that some of the replies in this thread may just be the result of folks
using a "group" reply feature (replying to all recipients) in their MUA
and were not (necessarily) meant for "bugtraq".
If nothing else, this can serve as a reminder to myself and others that
it may be better to compose seperate messages, one to each list. That
way the other lists' address(es) won't appear in the message headers.
Dave
--
plonka@doit.wisc.edu http://net.doit.wisc.edu/~plonka ARS:N9HZF Madison, WI
