Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1998_4

Bugtraq archives for 4th quarter (Oct-Dec) 1998: Re: Possible DoS in rsh

Re: Possible DoS in rsh

Henrik Nordstrom (hnoHEM.PASSAGEN.SE)
Fri, 9 Oct 1998 08:14:55 +0200

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Michael Blythe: "Referer (was Patches for wwwboard.pl)"
Previous message: Jean-Christophe Touvet: "Re: [NTSEC] By-passing MS Proxy 2.0 and others packet filtering"
Maybe in reply to: Shivan Dragon: "Possible DoS in rsh"
Next in thread: Kragen: "Re: Possible DoS in rsh"

Nick Andrew wrote:

> Programs (esp. daemons) which run as root should refuse to read
> control files which are symlinks (and home directories should not
> be on the same partition as /dev!).

Should this be worded: Any service daemons should refuse to read
files which are not files (symlinks, device files, pipes and other
non-disk-file types) or not owned by the right user with proper
permissions.

---
Henrik Nordström

Next message: Michael Blythe: "Referer (was Patches for wwwboard.pl)"
Previous message: Jean-Christophe Touvet: "Re: [NTSEC] By-passing MS Proxy 2.0 and others packet filtering"
Maybe in reply to: Shivan Dragon: "Possible DoS in rsh"
Next in thread: Kragen: "Re: Possible DoS in rsh"