[3007] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

bin owned system files

daemon@ATHENA.MIT.EDU (Robert E. Adams)
Thu Jul 25 17:16:23 1996

Date: 	Thu, 25 Jul 1996 14:20:23 -0400
Reply-To: Bugtraq List <BUGTRAQ@netspace.org>
From: "Robert E. Adams" <adams@kodak.com>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@netspace.org>

In Solaris 2.x, many of the system files
and directories are distributed with
the owner as "bin" and the group as
"bin".

Many security publications warn against
"root" executables that are not owned
by "root".

Are there any known problems/bugs/etc.
with "root" executing system binaries
owned by "bin" as long as the "bin"
account is disabled in /etc/passwd.
(i.e. * for password and /bin/false
for the shell).

Thanks,
bob

*******************************************************************

Bob Adams                               Eastman Kodak Company
Systems Security Engineer               1447 St. Paul Street
Email: adams@Kodak.com                  Mail Code 37009
Phone:  (716) 253-5281                  Rochester, NY  14653-7009
Fax:    (716) 253-5846

******************************************************************


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[3007] in bugtraq

bin owned system files

daemon@ATHENA.MIT.EDU (Robert E. Adams)Thu Jul 25 17:16:23 1996

daemon@ATHENA.MIT.EDU (Robert E. Adams)
Thu Jul 25 17:16:23 1996