Bugtraq: Solaris problems?

[unkadath!shamus () naucse cse nau edu (James W. Abendschan)]

Three solaris-related things I'd like to ask the list-- and if
you know, and are willing to share this info (key point here), please
speak up.

1) /var/mail is world writable, but has a sticky bit to prevent
   people from removing other people's mailboxes.  Still, I
   can create mailboxes for users who don't have them (like smtp) ..
   will this pose a problem in the future?

   I know that if sendmail had some sort of support for v7 
   forwarding capabilties (ie; /var/mail/smtp contains
   Forward to |/tmp/foosh, then mail to smtp runs /tmp/foosh
   as uid smtp, which just happens to be 0 on our systems)
   this would be an easy exploit.. but apparently sendmail
   8.6.9 doesn't hold to those kind of conventions (thank gods)

2) it was recently pointed out to me that /dev/tcp and /dev/ip
   were mode 666; could this be a problem?  I thought maybe
   you could dump crap into them and it would possibly hose
   something.. or worse, you could just cat 'em and look
   at traffic.  While both of these are probabally unlikely,
   does anyone know for certain?  And is it safe to chmod 600
   these?

3) is solaris openwin code secure?  (yes or no, and if no, why..
   for those of us who just like to say things like "perhaps.")

James

-- 
James W. Abendschan                                      shamus () unkadath uucp
"Thanks, fone-d00d!"                                   jwa () sunset cse nau edu