[2428] in bugtraq
Re: pcnfsd
daemon@ATHENA.MIT.EDU (Doug Hughes)
Thu Nov 30 10:55:26 1995
Date: Wed, 29 Nov 1995 10:28:28 -0600
Reply-To: Bugtraq List <BUGTRAQ@crimelab.com>
From: Doug Hughes <Doug.Hughes@Eng.Auburn.EDU>
X-To: BUGTRAQ@CRIMELAB.COM
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@crimelab.com>
In-Reply-To: <Pine.LNX.3.91.941219043506.279A-100000@crimson.cadvision.com>
seems to me this problem could be solved by having the spool directory
create 755 instead of 777 and the client directory underneath it created
777. Does anybody see any problems with this? It would prevent the creation
of the link by the user and thus plug the hole.
Tested this on SunOS and it seems to work okay.
--
____________________________________________________________________________
Doug Hughes Engineering Network Services
System/Net Admin Auburn University
doug@eng.auburn.edu
Pro is to Con as progress is to congress
