Re: another /usr/dt/bin/dtappgather feature!

spdGTC1.CPS.UNIZAR.ES

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Adrian Voinea: "XFree86 3.3.2's setup tool /tmp race"
• Previous message: Jochen Thomas Bauer: "Re: xlock mishandles malformed .signature/.plan"
• In reply to: Ben Collins: "Re: another /usr/dt/bin/dtappgather feature!"
• Next in thread: Casper Dik: "Re: another /usr/dt/bin/dtappgather feature!"

> This isn't a permissions problem on the directories, note that his output
> shows that the directory does have the new (ie. patched) permissions. I
> tested this on a completely patched system (patched it right before I
> tested it with the latest ones from sunsolve1). I was still able to
> replicate the exploit.

        The problem with DTUSERSESSION was already posted on last
        Feb 24; and by then, the "Solaris dtappgather patch" fixed the
        DTUSERSESSION but not the link (directory permissions) problem,
        which probably is fixed by the other patch on 2.5.x.

        So, at least Solaris 2.6 (sparc) with recent patches is not
        vulnerable.

--
finger spdgtc1.cps.unizar.es for PGP       /              So be easy and free
.mailcap tip of the day:                   /      when you're drinking with me
application/ms-tnef; cat '%s' > /dev/null / I'm a man you don't meet every day
text/x-vcard; cat '%s' > /dev/null       /            (the pogues)

• Next message: Adrian Voinea: "XFree86 3.3.2's setup tool /tmp race"
• Previous message: Jochen Thomas Bauer: "Re: xlock mishandles malformed .signature/.plan"
• In reply to: Ben Collins: "Re: another /usr/dt/bin/dtappgather feature!"
• Next in thread: Casper Dik: "Re: another /usr/dt/bin/dtappgather feature!"