[27021] in bugtraq


Re: xbreaky symlink vulnerability

daemon@ATHENA.MIT.EDU (Marco van Berkum)
Thu Sep 12 16:34:09 2002

Message-ID: <3D80E4C1.9F14DAC1@obit.nl>
Date: Thu, 12 Sep 2002 21:02:25 +0200
From: Marco van Berkum <m.v.berkum@obit.nl>
Reply-To: m.v.berkum@obit.nl
MIME-Version: 1.0
To: bugtraq@securityfocus.com
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

Josip Rodin wrote:

> On Thu, Sep 12, 2002 at 06:28:14PM +0200, Marco van Berkum wrote:
> > By default xbreaky is installed as suid and can be abused to overwrite any
> > file on the filesystem, by any user.
>
> I used to maintain the Debian package of xbreaky, and it never had any
> setuid bit set, especially not setuid root. So, to spell it out,
> Debian is not vulnerable to this problem.

Neither is NetBSD, so it seems.
OpenBSD 3.0's tree installs it as suid though. So does a source install, of course.

Cheers,
Marco van Berkum


--
find / -user your -name base -exec chown us:us {}\;
 ----------------------------------------
|    Marco van Berkum / MB17300-RIPE     |
| m.v.berkum@obit.nl / http://ws.obit.nl |
 ----------------------------------------



