[5756] in bugtraq

Re: pinelock.csh exploit

daemon@ATHENA.MIT.EDU (Jim Bourne)
Mon Dec 8 10:59:29 1997

Date: 	Sat, 6 Dec 1997 11:17:48 -0800
Reply-To: Jim Bourne <jbourne@ISLAND.NET>
From: Jim Bourne <jbourne@ISLAND.NET>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To:  <Pine.SOL.3.96.971202223248.9411A-100000@kepler>

On Tue, 2 Dec 1997, Roger Harrison ? wrote:

>         There was something a while ago on bugtraq about pinelock
> files and how they were mode 666.  This program I wrote takes this idea
> and brings it a step further into an easy way to show why this is a
> problem.  My program <pinelock.csh> allows you to log off a user or kill
> one of their processes IF they open up a second session of pine.  It
> isn't terribly useful, except for annoying a user.  However, if root opens
> up two sessions of pine, I can think of some interesting processes and
> daemons which might be killed.  Copies of this program will be stored
> at http://kepler.poly.edu/~rharri01/.  Click on files and
> then click on pinelock.csh. Have fun!

Not sure if this is the right thing to do, or if it will cause problems with
other parts of pine but there is a quick fix.

bash# diff env_unix.c~ env_unix.c
49c49
< static long lock_protection = 0666;
---
> static long lock_protection = 0600;
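
Review bot: the change at line 49 of env_unix.c alters a file-scope default, so every lock file whose mode comes from lock_protection becomes owner-only, and the diff does not show the call sites that consume it. Before applying, check each use of lock_protection under imap/c-client for any case where a process running as a different user is expected to open the same lock file, because with 0600 that open will fail. Lock files already created as 0666 keep that mode until they are removed and recreated, so existing ones need cleaning up separately. A comment beside the constant recording why it is 0600 would also help.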

This file can be found in imap/c-client under the source tree of pine-3.96
and leaves the lock file mode 600:
-rw-------   1 jbourne   users           4 Dec  6 11:16 .2.21200505


IMHO opening/leaving any file on the file system mode 666 is a bad idea, especially
if it's in a directory that has public write permissions.

Regards,
James Bourne

>
>                         -Iconoclast
>                         iconoclast@thepentagon.com
--
James Bourne           |            E-Mail:             jbourne@island.net
System Administrator   |            WWW:             http://www.island.net
Island Internet Inc.   |            Linux - The choice of a GNU generation
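
The point made above about mode 666 lock files in a publicly writable directory, as an added example that is not part of the original post or of the pine/c-client source: a lock file is created owner-only, and its contents are trusted only after ownership and mode are checked on the open descriptor. It assumes the lock file stores a process ID as decimal text; the function names are hypothetical.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Create a lock file holding our PID, readable and writable by the owner only.
 * O_EXCL refuses a pre-existing file, O_NOFOLLOW refuses a symlink. */
int create_lock(const char *path)
{
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
    if (fd < 0)
        return -1;
    /* fchmod makes the mode exactly 0600 whatever the umask is. */
    if (fchmod(fd, 0600) != 0 || dprintf(fd, "%ld", (long)getpid()) < 0) {
        close(fd);
        unlink(path);
        return -1;
    }
    return close(fd);
}

/* Return the PID stored in the lock file, or -1 if the file cannot be
 * trusted: not a regular file, not ours, or writable by group/other. */
long read_trusted_lock_pid(const char *path)
{
    char buf[32], *end;
    struct stat st;
    ssize_t n;
    long pid;
    int fd = open(path, O_RDONLY | O_NOFOLLOW);
    if (fd < 0)
        return -1;
    /* fstat on the descriptor checks the file we actually opened. */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) ||
        st.st_uid != geteuid() || (st.st_mode & (S_IWGRP | S_IWOTH))) {
        close(fd);
        return -1;
    }
    n = read(fd, buf, sizeof buf - 1);
    close(fd);
    if (n <= 0)
        return -1;
    buf[n] = '\0';
    pid = strtol(buf, &end, 10);
    return (*end == '\0' && pid > 0) ? pid : -1;
}
```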