[16430] in bugtraq


Re: RH 6.1 / 6.2 minicom vulnerability

daemon@ATHENA.MIT.EDU (Sylvain Robitaille)
Wed Aug 30 14:11:40 2000

Message-ID:  <200008300057.UAA18268@alcor.concordia.ca>
Date:         Tue, 29 Aug 2000 20:57:45 -0400
Reply-To: Sylvain Robitaille <syl@ALCOR.CONCORDIA.CA>
From: Sylvain Robitaille <syl@ALCOR.CONCORDIA.CA>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To:  <39A2D8E7.AC296DCB@valleylocal.com>

Ben Lull wrote:

> ... Yep Slackware (7.x) too using minicom 1.82 and 1.82.1

Just for the record, I checked with Slackware-4, which also has
minicom-1.82, (but I've already changed mine to be setgid "modem" so it
has only permission to write to the modem device).

One thing Ben's example didn't show is confirmation that this problem
follows symlinks on his system, and creates the file according to the
umask, which I've found to be the case on mine:

  : charlotte[syl] ~; ln -s /tmp/foo .
  : charlotte[syl] ~; ( umask 2 ; minicom -C foo )
  minicom: cannot open /dev/ttyS1: Permission denied
  : charlotte[syl] ~; ls -l /tmp/foo
  -rw-rw-r--   1 syl      modem           0 Aug 29 20:44 /tmp/foo

Lessons learned:

- don't install UUCP commands unless you actually need them (and most
  people really don't anymore). If you install UUCP commands, *know* what
  other programs will run with the same privileges.
- go through your system after installation and reduce permissions to
  only what's required.  There's nothing on my system that would be
  writable to group modem, except of course the modem device.

--
----------------------------------------------------------------------
Sylvain Robitaille                              syl@alcor.concordia.ca

Systems analyst                                   Concordia University
Instructional & Information Technology        Montreal, Quebec, Canada
----------------------------------------------------------------------
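
The two checks from the "lessons learned" list, as an added example that is not part of the original message: list the programs that run setgid to a group, and list what that group may write to. The function names and the allow-list arguments are assumptions of this example; "modem" is the group named in the post.

```shell
#!/bin/sh
# Added example: audit what a privileged group (such as "modem") can do.
# Usage: sh audit.sh GROUP [ROOT]

# Programs that run with GROUP's privileges: regular files with the
# setgid bit set and group ownership GROUP.
setgid_programs() {
    find "$2" -xdev -type f -group "$1" -perm -2000 -print 2>/dev/null
}

# Everything GROUP may write to (files, directories, devices).
# Symlinks are skipped: their own mode bits carry no meaning.
group_writable() {
    find "$2" -xdev ! -type l -group "$1" -perm -020 -print 2>/dev/null
}

# Group-writable paths that are not on the allow-list given as the
# remaining arguments, e.g. the modem device itself.
unexpected_writable() {
    grp=$1
    root=$2
    shift 2
    group_writable "$grp" "$root" | while IFS= read -r path; do
        ok=no
        for allowed in "$@"; do
            if [ "$path" = "$allowed" ]; then ok=yes; fi
        done
        [ "$ok" = yes ] || printf '%s\n' "$path"
    done
}

# Run a report only when called with arguments.
if [ "$#" -ge 1 ]; then
    grp=$1
    root=${2:-/}
    echo "setgid programs running as group $grp:"
    setgid_programs "$grp" "$root"
    echo "paths writable by group $grp:"
    group_writable "$grp" "$root"
fi
```

Any path printed by unexpected_writable is something a setgid program of that group could modify on a user's behalf, which is the exposure the umask test above demonstrates.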
