mailing list archives
OpenWindows 3 possible security problem?
From: scott () Disclosure COM (Scott Barman)
Date: Mon, 22 May 1995 15:04:42 -0400 (EDT)
While poking around the system (SPARC Classic running SunOS 4.1.3_U1)
looking for a lost file, I stumbled across a couple of files that looked
-rw-rw-rw- 1 scott 20 May 19 14:12 /tmp/ttyselection
-rw-rw-rw- 1 scott 74 May 19 14:12 /tmp/winselection
Both happen to look like the cut buffers from a shelltool or commandtool
window. Both contain text that look familiar in this regard.
My problem with this is the file permissions. Readable and writeable to
the world?! Even if I remove them and I do some cut-and-paste, they
are recreated with the same modes. This is strange since my umask is
set to 027!
This means that whatever I cut and paste, even if it's to a "secure"
file (read-write by me only), the whole world can read it!
Is this an error in the installation of the ow? Or is this a bug in
scott () disclosure com
DISCLAIMER: I will talk to anyone who will listen, but I only speak for myself.
- OpenWindows 3 possible security problem? Scott Barman (May 22)