[23866] in bugtraq

home help back first fref pref prev next nref lref last post

Re: cdrdao insecure filehandling

daemon@ATHENA.MIT.EDU (Anthony DeRobertis)
Wed Jan 16 02:26:29 2002

In-Reply-To: <1010876960.3c40c220caef8@troja.dnsalias.org> 
From: "Anthony DeRobertis" <asd@suespammers.org>
To: Jens Steube <jsteube@lastflood.com>
Cc: bugtraq@securityfocus.com
Date: Tue, 15 Jan 2002 07:12:02 -0500
Mime-Version: 1.0
Content-Type: multipart/signed;
    boundary="=_mimegpg-Maxwell.local-23998-1011096727-0001";
    micalg=pgp-sha1; protocol="application/pgp-signature"
Message-Id: <E16QSRj-0006F6-00@asd.ppp0.com>

--=_mimegpg-Maxwell.local-23998-1011096727-0001
Content-Type: text/plain; format=flowed; charset=iso-8859-1
Content-Transfer-Encoding: 7bit

A work around on debian is to: 

dpkg-statoverride --update --add root root 0755 /usr/bin/cdrdao 

This tells dpkg that cdrdao is not to be suid root anymore, at least until 
you change or delete that override. 


--=_mimegpg-Maxwell.local-23998-1011096727-0001
Content-Type: application/pgp-signature
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iEYEABECAAYFAjxEHJcACgkQi6CUbwPcQ8BsYgCfUS97NVQ2sT8BJ6nppDQGTEij
9h0Ani5TIm2/83YqLjOvExR/sIafRgMf
=UOBd
-----END PGP SIGNATURE-----

--=_mimegpg-Maxwell.local-23998-1011096727-0001--

home help back first fref pref prev next nref lref last post