|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: 7a69Adv#22 - UNIX unzip keep setuid and setgid files
devnull
Rodents.Montreal.QC.CA
Date: Tue Mar 01 2005 - 11:57:38 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[As usual when I write here, the header From: is a black hole. Use the
address in the signature to actually reach me.]
>> this only works if the user un-zipping the file is already root.
>> otherwise it creates an "sh" binary which is setuid to the user who
>> unzipped the file.
> If your homedir is worldreadable, which is pretty common practice the
> other user can run the shell and get your useraccount.
This is confusing readable with executable.
If a directory is readable, anyone can find out the names of the things
in it. If it's executable, anyone who knows a thing's name there can
get to the thing.
Read and execute access usually go together on directories, but they
don't have to. (A +r-x directory is of doubtful use. But -r+x is
comparatively useful.)
/~\ The ASCII der Mouse
\ / Ribbon Campaign
X Against HTML mouserodents.montreal.qc.ca
/ \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]