[6624] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: [Debian 2.0] /usr/bin/suidexec gives root access

daemon@ATHENA.MIT.EDU (Russell Coker - mailing lists acco)
Tue Apr 28 17:34:01 1998

Date: 	Wed, 29 Apr 1998 06:45:19 +1100
Reply-To: Russell Coker - mailing lists account <bofh@COKER.COM.AU>
From: Russell Coker - mailing lists account <bofh@COKER.COM.AU>
X-To:         Thomas Roessler <roessler@GUUG.DE>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To:  <19980428152854.A12681@sobolev.rhein.de>

>Executive summary: /usr/bin/suidexec gives every user a
>root shell.  Remove it.

  Also change the suidexec line in /etc/suid.conf to the following so it never
gets the SUID bit again: suidmanager /usr/bin/suidexec root root 755
                                       ^^^^
The default is 4755.


---
Vote 1; Claudia Christian.
http://www.worldcharts.nl/xindex.html


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[6624] in bugtraq

Re: [Debian 2.0] /usr/bin/suidexec gives root access

daemon@ATHENA.MIT.EDU (Russell Coker - mailing lists acco)Tue Apr 28 17:34:01 1998

daemon@ATHENA.MIT.EDU (Russell Coker - mailing lists acco)
Tue Apr 28 17:34:01 1998