Bugtraq archives for 3rd quarter (Jul-Sep) 1994: sgihelp vulnerability

sgihelp vulnerability

maxgac.edu
Tue, 9 Aug 94 21:22:59 -0500

Although the wrapper program I posted earlier still seems sufficient
to prevent people from trivially becoming root, it has been brought to
my attention that under some circumstances one normal user can still
become another normal user.  Although less severe, this is still a
significant security concern.  Therefore, ***I don't recommend the use
of my wrapper program.*** Instead, as a matter of prudence, I would
suggest turning off sgihelp entirely until a better solution is found.
This can be done by renaming /usr/sbin/sgihelp to something else, or
for the 'versions' happy, doing 
 versions remove sgihelp.sw.eoe

Note that this is my own personal opinion only.  To my knowledge, SGI
has not officially superseded their original suggestion of just
removing sgihelp.books.ViewerHelp.  However, my judgement is that it
would be considerably more prudent to remove sgihelp.sw.eoe.