[3117] in bugtraq
Re: IRIX 5.3 chost
daemon@ATHENA.MIT.EDU (Mike Kienenberger)
Mon Aug 12 21:04:59 1996
Date: Mon, 12 Aug 1996 15:57:34 -0800
Reply-To: mkienenb@arsc.edu
From: Mike Kienenberger <mkienenb@arsc.edu>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG>
In-Reply-To: <199608121852.LAA19134@shellx.best.com>
On Mon, 12 Aug 1996, Vern Hart wrote:
> I just installed patch 1096 on a 5.3 system here and I am still able to
> get in through the chost security hole. So I'm pretty sure the patch
> doesn't plug the hole.
How about patch 1324?
This patch contains fixes for the following bugs in IRIX
5.3. Bug numbers from Silicon Graphics bug tracking system
are included for reference.
o The IRIX 5.3 permissions panel has a security hole that
will allow non-privileged users to change the ownership
and permissions on any file on the system. This patch
should be installed on all IRIX 5.3 systems to remove
the security hole. (Bug #375613)
This is probably the patch that fixes the problem.
---
Mike Kienenberger Arctic Region Supercomputing Center
Systems Analyst (907) 474-6842
mkienenb@arsc.edu http://www.arsc.edu
