[2604] in bugtraq
Re: Security problem in ESRI's ArcDoc 7.0.4
daemon@ATHENA.MIT.EDU (Andrew Raphael)
Fri May 24 12:46:03 1996
Date: Fri, 24 May 1996 18:20:13 +1000
Reply-To: Bugtraq List <BUGTRAQ@NETSPACE.ORG>
From: Andrew Raphael <raphael@research.canon.com.au>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG>
In-Reply-To: <199605240421.VAA11647@ecosys.nbs.nau.edu> from "James W.
Abendschan" at May 23, 96 09:21:46 pm
>The program "fm_fls" as distributed with ESRI's "ArcDoc" package (7.0.4)
>[...]
>I've seen fm_fls distributed with other applications -- perhaps the
>bug is not specific to ARC/Info?
fm_fls is the FrameMaker license server. It's not setuid in my vanilla
International FrameMaker installation, but the "chmod 666" behaviour
is there. It just creates the log file owned by the first person to
run FrameMaker.
--
Andrew Raphael <raphael@research.canon.com.au>
"Oh! I see, it's your birthday. It's your big day, and I forgot."
