[3016] in bugtraq
Followup: Zolaris 2.5 Exploited.
daemon@ATHENA.MIT.EDU (Brian T. Wightman)
Thu Jul 25 20:14:15 1996
Date: Thu, 25 Jul 1996 18:30:26 -0500
Reply-To: Bugtraq List <BUGTRAQ@netspace.org>
From: "Brian T. Wightman" <wightman@sol.acs.uwosh.edu>
X-To: security@sun.com, cert@cert.org
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@netspace.org>
In-Reply-To: My message of "Thu, 25 Jul 1996 18:00:08 CDT."
Grrr. Correction to my previous post. The second alternative alone
is BAD. It only protects the .rhosts file. How about doing both
patches.
Brian
Brian T. Wightman Academic Computing, UW Oshkosh
wightman@uwosh.edu 800 Algoma Blvd
Phone: (414) 424-3020 Dempsey Hall 307
http://www.uwosh.edu/faculty_staff/wightman/ Oshkosh, Wisconsin 54901
"Brian T. Wightman" wrote:
[- snip -]
> 1) root# chmod gu-s /usr/openwin/bin/kcms_c*
>
> or
>
> 2) root# touch /.rhosts
> root# chown root:root /.rhosts
> root# chmod 600 /.rhosts
