Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1996_4

Bugtraq archives for 4th quarter (Oct-Dec) 1996: lquerypv fix

lquerypv fix

Troy Bollinger (troyaustin.ibm.com)
Mon, 25 Nov 1996 14:43:11 -0600

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Xmcd Admin: "XMCD v2.1 released (was: Security Problems in XMCD)"
Previous message: David J. Meltzer: "Security Problems in XMCD"

The following has been posted to comp.unix.aix:

I have created the following compressed tar file:

lquerypvh.tar.Z

and it is on the anonymous server testcase.boulder.ibm.com.
Log in and go to the directory /aix/fromibm and pick it
up.  I will make sure this keeps refreshed until the official
apar fixes are available.

3.2 = not vulnerable
4.1 = IX64203
4.2 = IX64204

Now, lquerypv -h will only allow users to read what their
uid allows them to read on the system (regardless of the sticky
bit or not).


--
+----------------  I do not speak for IBM!  ------------------+
|Troy Bollinger             |      email:  troyaustin.ibm.com|
|AIX Security Development   | Sometimes the old ways are best.|
+-------------------------------------------------------------+

Next message: Xmcd Admin: "XMCD v2.1 released (was: Security Problems in XMCD)"
Previous message: David J. Meltzer: "Security Problems in XMCD"