[8255] in bugtraq


Re: solaris tape dev permission stupidity

daemon@ATHENA.MIT.EDU (Casper Dik)
Fri Oct 23 15:44:24 1998

Date: 	Thu, 22 Oct 1998 20:12:57 +0200
Reply-To: Casper Dik <casper@HOLLAND.SUN.COM>
From: Casper Dik <casper@HOLLAND.SUN.COM>
X-To:         joshua grubman <jg@FALSE.NET>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To:  Your message of "Wed, 21 Oct 1998 18:14:53 EDT." 
              <Pine.SOL.3.96.981021180435.21506B-100000@zero.false.net>

>hi,
>
>this is rather silly and obvious, but i couldn't find anything in searching
>the old archives on geek-girl.com.
>
>problem:
>
>under solaris, scsi tape devices (/dev/rmt/*, which are linked to the st@x,x:
>devs in /devices) are created with the permissions bits set to 666. this allows
>a malicious user with a login on your system to 'mt erase' the contents of any
>tape devices connected to your system.
>
>solution:
>
>this is a tough one. i'll let you figure it out yourself.


Tough?

You could either use /etc/logindevperm (for tapes connected to desktops),
use chmod, or edit /etc/minorperm.

Casper
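
An audit for the condition discussed in this thread, with the chmod remedy behind a dry-run switch. This is an added example, not part of either post; the function names and the `audit`/`fix` arguments are hypothetical, and only the `/dev/rmt` path comes from the thread.

```shell
#!/bin/sh
# Added example: find tape device nodes that are writable by "other" and
# optionally tighten them with chmod. Function names are hypothetical.

TAPE_DIR=${TAPE_DIR:-/dev/rmt}   # directory named in the thread

# Print every entry under $1 whose resolved target is world-writable.
# -L follows the symlinks (e.g. /dev/rmt/* -> /devices/...), so the mode
# tested is the device node's own; "! -type l" skips dangling links.
list_world_writable() {
    find -L "$1" ! -type d ! -type l -perm -0002 -print 2>/dev/null | sort
}

# Remove read and write for "other" from each offending node.
# Pass "dry-run" as the second argument to print the commands instead.
tighten_tape_perms() {
    list_world_writable "$1" | while IFS= read -r node; do
        if [ "${2:-}" = "dry-run" ]; then
            printf 'chmod o-rw %s\n' "$node"
        else
            chmod o-rw "$node"   # chmod follows the symlink to the node
        fi
    done
}

# Command-line entry points: "audit" lists, "fix" applies the chmod.
case "${1:-}" in
    audit) list_world_writable "$TAPE_DIR" ;;
    fix)   tighten_tape_perms "$TAPE_DIR" "${2:-}" ;;
esac
```

Run with `audit` first, then `fix dry-run` to review the exact chmod commands before applying them.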
