[576] in bugtraq
Re: Various Solaris 2.3 file permission problems
daemon@ATHENA.MIT.EDU (Dave Mitchell)
Wed Jan 4 17:36:10 1995
Date: Wed, 4 Jan 95 16:01:31 GMT
From: Dave Mitchell <D.Mitchell@dcs.shef.ac.uk>
To: 8lgm-bugs@bagpuss.demon.co.uk, bugtraq@fc.net
I've just checked with a virgin Solaris 2.4 installation and this is
what I've found:
> Problems: 1. As distributed, /opt/SUNWdxlib contains many _world_ writeable
> files, including executables.
appears fixed
> 2. By default, /var/nis/{hostname}.dict is _world_ writeable.
no comment, not using nis+ (:-)
> 3. /etc/hostname.le0 is _world_ writeable.
fixed
>
> 4. /var/statmon, /var/statmon/sm, and /var/statmon/sm.bak are
> _world_ writeable directories.
still writeable
> 5. The following files are _world_ writeable:
> /var/adm/vold.log
> /var/log/syslog*
> /var/lp/logs/lpsched
> /var/lp/logs/lpNet
> /etc/mnttab
> /etc/path_to_inst.old
> /var/saf/_log
> /etc/rmtab
-rw-rw-rw- 1 root root 702 Jan 4 15:07 /etc/mnttab
-rw-rw-r-- 1 root sys 0 Oct 25 16:33 /var/log/syslog
-rw-rw-rw- 1 root root 318 Dec 30 17:53 /var/adm/vold.log
-rw-rw-rw- 1 root root 951 Dec 30 17:53 /var/saf/_log
-r--r--r-- 1 root sys 1958 Dec 30 17:06 /etc/path_to_inst.old
-rw------- 1 root other 618 Dec 30 17:53 /var/lp/logs/lpNet
-rw------- 1 root other 436 Dec 30 17:53 /var/lp/logs/lpsched
(I havent got an rmtab yet)
Dave.
* David Mitchell, Systems Administrator, email: D.Mitchell@dcs.shef.ac.uk
* Dept. Computer Science, Sheffield Uni. phone: +44 114-282-5573
* 211 Portobello St, Sheffield S1 4DP, UK. fax: +44 114-278-0972
*
* Standards (n). Battle insignia or tribal totems
