[3871] in bugtraq

Re: FALSE ALARM: Re: Another buggy root cron job

daemon@ATHENA.MIT.EDU (Bruce Evans)
Wed Dec 25 12:07:37 1996

Date: 	Thu, 26 Dec 1996 00:45:28 +1100
Reply-To: Bruce Evans <bde@zeta.org.au>
From: Bruce Evans <bde@zeta.org.au>
X-To:         security-officer@freebsd.org, security@freebsd.org,
              steve@edmweb.com
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG>

>My face is very red.
>
>From /etc/weekly:
>echo /usr/libexec/locate.updatedb | nice -5 su -m nobody 2>&1 |\
>        fgrep -v 'Permission denied'
>
>It's run as nobody.

Indeed.

There's a similar potential hole in mkdep.  This hole is a bit larger
than the one for the race in mktemp().  No one runs `make depend' or
compiles things as root on public machines, right? ;-)

Bruce