[12709] in bugtraq
Oracle 8i questions
daemon@ATHENA.MIT.EDU (Brock Tellier)
Wed Nov 24 01:58:26 1999
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Message-Id: <19991123223743.28830.qmail@www0h.netaddress.usa.net>
Date: Tue, 23 Nov 1999 15:37:43 MST
Reply-To: Brock Tellier <btellier@USA.NET>
From: Brock Tellier <btellier@USA.NET>
X-To: bugtraq@securityfocus.com
To: BUGTRAQ@SECURITYFOCUS.COM
Content-Transfer-Encoding: 8bit
After talking to the people in Oracle's security group, I've realized that it
is impossible to get an answer regarding what programs in particular are still
setuid-anything/setgid-anything in the latest versions of Oracle with all the
supported patches installed. When I take a look at the Oracle-provided
remove-suid-bits-script, I notice:
EXECS_NOT_TO_UNSET="oracle dbsnmp"
Which makes it so that my exploit (for dbsnmp) and all others involving dbsnmp
will still work. What do the newer patches do to prevent the problems of old?
From what I've read on the Oracle support page, the "oracle" program MUST be
setuid-oracle if it is in a multi-user environment, and doesn't that have just
as many file-access problems as dbsnmp?
Brock Tellier
UNIX Systems Administrator
Organic Inc. www.organic.com
USA, IL, Chicago
____________________________________________________________________
Get free email and a permanent address at http://www.netaddress.com/?N=1
