[linux-security] *sigh* another RH5 /tmp problem


X-RDate: Thu, 12 Mar 1998 09:26:06 +0500 (ESK)
Date: Mon, 9 Mar 1998 17:55:14 -0600
From: "Mark A. Spencer" <[email protected]>
To: [email protected]
Subject: [linux-security] *sigh* another RH5 /tmp problem

RedHat 5, when using dhcp to configure the interface, calls a script
called "ifdhcpc-done" to be executed after a dhcp interface is
configured. At the end of the process it updates resolv.conf:

if [ -f /etc/dhcpc/resolv.conf ]; then
       echo "setting up resolv.conf" >> /tmp/dhcplog
       cp /etc/dhcpc/resolv.conf /etc
fi

There is no protection against the dhcplog file being a symbolic link,
clobbering, blah de blah de blah...  (it seems pretty useless to maintain
it too, since this is the only message that ever seems to appear in the
log).

-rw-rw-rw-   1 root     root          690 Mar  9 17:23 dhcplog

Oh, and the file also seems to default to permissions of 666, which
allows for easy avoidance of disk quotas...

Anyway, I would just comment out the echo line and be done.

The only way to exploit this is if the dhcplog file doesn't already exist,
which can occur if the system has been up for 10 days or more and is then
rebooted.


                                -Mark

-- 
----------------------------------------------------------------------
Please refer to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
----------------------------------------------------------------------

To unsubscribe: mail -s unsubscribe [email protected] < /dev/null
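
For a root-run hook that must keep a log line like the one in the message above, the sketch below shows one hardened way to write it. It is an added example, not Red Hat's script or the poster's fix; the function name `log_event` and its directory/file arguments are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: hardened replacement for `echo ... >> /tmp/dhcplog`.
# log_event and its arguments are hypothetical names, not from ifdhcpc-done.

# log_event DIR FILE MESSAGE
# Appends MESSAGE to DIR/FILE only when DIR is not world-writable and
# FILE is either absent or a regular file that is not a symlink.
log_event() {
    dir=$1; file=$2; msg=$3
    path="$dir/$file"

    # A world-writable directory (such as /tmp) lets any local user plant
    # or swap the log path, so refuse it. find prints DIR only if the
    # "other" write bit is set.
    if [ -n "$(find "$dir" -prune -perm -0002 2>/dev/null)" ]; then
        echo "log_event: $dir is world-writable, refusing" >&2
        return 1
    fi

    # `>>` follows symlinks; never append through one.
    if [ -L "$path" ]; then
        echo "log_event: $path is a symlink, refusing" >&2
        return 1
    fi

    # Anything else that exists but is not a regular file (FIFO, device,
    # directory) is also rejected.
    if [ -e "$path" ] && [ ! -f "$path" ]; then
        echo "log_event: $path is not a regular file, refusing" >&2
        return 1
    fi

    (
        umask 077                 # new log is created 0600, not 0666
        if [ ! -e "$path" ]; then
            set -C                # noclobber: exclusive create, fails if
            : > "$path" || exit 1 # the path appeared in the meantime
            set +C
        fi
        printf '%s\n' "$msg" >> "$path"
    )
}

# In the hook, the original line would become, for example:
#   log_event /var/log dhcplog "setting up resolv.conf"
```

Where no file is strictly needed, handing the message to syslog with `logger` avoids the path handling altogether.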
