[38267] in bugtraq


Re: crontab from vixie-cron allows read other users crontabs

daemon@ATHENA.MIT.EDU (Gadi Evron)
Thu Apr 7 13:15:38 2005

Message-ID: <4254458C.2030607@linuxbox.org>
Date: Thu, 07 Apr 2005 00:24:44 +0400
From: Gadi Evron <ge@linuxbox.org>
MIME-Version: 1.0
To: =?ISO-8859-2?Q?Karol_Wi=EAsek?= <appelast@drumnbass.art.pl>
Cc: full-disclosure@lists.grok.org.uk, bugtraq@securityfocus.com
In-Reply-To: <4253B350.8000903@drumnbass.art.pl>
Content-Type: text/plain; charset=ISO-8859-2; format=flowed
Content-Transfer-Encoding: 8bit

Karol Więsek wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Name:			vixie-cron

[snip]

> Details:
> 
> Insufficient checks allow a user to change, during editing, a regular file to a
> symbolic link to any file. While copying, crontab uses root permissions
> but also checks entries, so an attacker is only able to read properly
> formatted crontab files (other users' crontabs).

[snip]

It should be noted that this is redhat specific, not in "vixie-cron".

*sniff*

	Gadi.
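
One defensive pattern for the privileged copy step described in the quoted advisory, as an added example that is not part of this message and is not code from vixie-cron or from any vendor patch. The names reopen_edited_file and demo_reopen, and the paths under /tmp, are hypothetical and constructed for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper: reopen the edited temp file for the privileged copy.
 * Returns a descriptor, or -1 if the path is not a plain file of `owner`. */
int reopen_edited_file(const char *path, uid_t owner)
{
    struct stat st;
    /* O_NOFOLLOW refuses a symlink in the final component; O_NONBLOCK keeps
     * a FIFO planted at the path from hanging the open. */
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_NONBLOCK);
    if (fd < 0)
        return -1;
    /* Validate the descriptor, not the path: what is checked is what is read. */
    if (fstat(fd, &st) < 0 || !S_ISREG(st.st_mode) ||
        st.st_uid != owner || st.st_nlink != 1) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Constructed scenario: create a temp file, optionally swap it for a symlink
 * as the advisory describes, and report 1 (accepted) or 0 (rejected). */
int demo_reopen(int swap_to_symlink)
{
    char dir[] = "/tmp/crondemo.XXXXXX", path[64], other[64];
    if (!mkdtemp(dir)) return -1;
    snprintf(path, sizeof path, "%s/crontab", dir);
    snprintf(other, sizeof other, "%s/other", dir);
    int a = open(path, O_CREAT | O_EXCL | O_WRONLY, 0600);
    int b = open(other, O_CREAT | O_EXCL | O_WRONLY, 0600);
    if (a < 0 || b < 0) return -1;
    close(a); close(b);
    if (swap_to_symlink && (unlink(path) < 0 || symlink(other, path) < 0))
        return -1;
    int fd = reopen_edited_file(path, getuid());
    if (fd >= 0) close(fd);
    unlink(path); unlink(other); rmdir(dir);
    return fd >= 0;
}

int main(void)
{
    printf("untouched: %d, swapped: %d\n", demo_reopen(0), demo_reopen(1));
}
```

The ownership check matters because O_NOFOLLOW alone does not stop a hard link or a replaced file; reading the file with the invoking user's privileges instead of root's avoids the problem class altogether.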
