Bugtraq archives for 3rd quarter (Jul-Aug) 1995: Re: BUGTRAQ ALERT: Solaris 2.x vulnerability

Re: BUGTRAQ ALERT: Solaris 2.x vulnerability

Alexander L. Haiut (alxCS.bgu.ac.il)
Wed, 16 Aug 1995 11:54:21 +0200

On Tue, 15 Aug 1995, Brian Perkins wrote:

> I found that the program would not work if I tried to put the root shell in
> my home dir, which was mounted via NFS. I tried for half an hour.
> If I tried moving it to /tmp, it worked within a minute, a couple of times.

        Don't you think it's because your home dir mounted via NFS is
        mounted with the "nosuid" option? Just an idea, no more.. :)

On Tue, 15 Aug 1995, Aleph One wrote:

> Well, while we're talking about SysV ps: IRIX's, it's sgid to sys, writes
> to /tmp/.ps_data and /tmp/.ps_XXXXXX but /tmp has the sticky bit on.

        Well, checked IBM AIX, seems to be Ok too.. /tmp has sticky
        bit on, and /usr/bin/ps is sgid to "system" group only.

                Hope here we're safe.. Whaddya say?!    --alex.

--

Alexander Haiut                                                +972-7-461658
Math & CS System group                                      alxcs.bgu.ac.il
Ben-Gurion University, Israel                  http://www.cs.bgu.ac.il/~alx/
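
The two checks raised in this thread (whether the filesystem holding a file is mounted "nosuid", and whether /tmp is sticky while ps is only setgid), written as an audit helper. This is an added example, not part of the original posts: the mount table and mode values are constructed samples in Linux /proc/mounts layout, and all function names are hypothetical.

```python
import stat

# Constructed sample, /proc/mounts layout: device, mount point, type, options.
SAMPLE_MOUNTS = """\
/dev/sda1 / ext4 rw,relatime 0 0
swap /tmp tmpfs rw 0 0
fileserver:/export/home /home nfs rw,nosuid,vers=3 0 0
fileserver:/export/tools /home/tools nfs rw,vers=3 0 0
"""

def parse_mounts(text):
    """Return a list of (mount_point, set_of_options) from a mount table."""
    mounts = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) >= 4:
            mounts.append((fields[1], set(fields[3].split(","))))
    return mounts

def mount_for(path, mounts):
    """Find the covering mount: the longest mount point that is a whole-component prefix."""
    best = None
    for point, opts in mounts:
        prefix = point.rstrip("/") + "/"   # "/home" must not match "/homework"
        if (path + "/").startswith(prefix):
            if best is None or len(point) > len(best[0]):
                best = (point, opts)
    return best

def suid_honoured(path, mounts):
    """False when the covering mount has nosuid, so setuid/setgid bits are ignored there."""
    hit = mount_for(path, mounts)
    return hit is not None and "nosuid" not in hit[1]

def describe_mode(mode):
    """Decode the permission bits discussed in the thread from an st_mode value."""
    return {
        "sticky": bool(mode & stat.S_ISVTX),
        "setuid": bool(mode & stat.S_ISUID),
        "setgid": bool(mode & stat.S_ISGID),
        "world_writable": bool(mode & stat.S_IWOTH),
    }

if __name__ == "__main__":
    table = parse_mounts(SAMPLE_MOUNTS)
    for p in ("/home/user/sh", "/tmp/sh", "/home/tools/bin/x"):
        print(p, "suid honoured:", suid_honoured(p, table))
    print("/tmp mode 1777:", describe_mode(stat.S_IFDIR | 0o1777))
```

On a live host, pass the contents of the system's mount table and `os.stat(path).st_mode` instead of the constructed values.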