Re: Linux /usr/bin/gnuplot overflow

schaeferALPHANET.CH

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Marc Heuse: "Re: Linux /usr/bin/gnuplot overflow"
• Previous message: leshka: "Little exploit for startup scripts (SCO 5.0.4p)."
• Maybe in reply to: xnecINFERNO.TUSCULUM.EDU: "Linux /usr/bin/gnuplot overflow"
• Next in thread: Marc Heuse: "Re: Linux /usr/bin/gnuplot overflow"

> /etc/rc.config and set PERMISSION_SECURITY="paranoid". That way gnuplot

warning, warning.

permissions.paranoid is not supported by SuSE --- it was contributed
by me. It only fixes the problems that SuSE 5.0 had. When I have
some time again, I will do the same work with a full install of
SuSE 6.0.

At least without clear information from SuSE that /etc/permissions.paranoid
is uptodate, I would not count on it to be _absolutely_ paranoid.
After all, you are supposed to do your homeworks yourself, too :)

Also, for it to work, it needs a few things, such as an ``xok'' group,
etc, look at the start of that file.

> rootlaser:/home/andrea# grep gnuplot /etc/permissions.paranoid
> # WHY ON HELL was gnuplot suid root !!!!!
> /usr/bin/gnuplot                       root.root        755

I remember my very clean statements about this problem :)

The ``reason'', as someone pointed out, is the SVGALib. For me that's
a very bad reason to suid --- by default --- an executable.

• Next message: Marc Heuse: "Re: Linux /usr/bin/gnuplot overflow"
• Previous message: leshka: "Little exploit for startup scripts (SCO 5.0.4p)."
• Maybe in reply to: xnecINFERNO.TUSCULUM.EDU: "Linux /usr/bin/gnuplot overflow"
• Next in thread: Marc Heuse: "Re: Linux /usr/bin/gnuplot overflow"