Home page logo
/

bugtraq logo Bugtraq mailing list archives

slight misinformation in CA-97.21
From: davek () RESEARCH ATT COM (Dave Kormann)
Date: Thu, 17 Jul 1997 10:15:06 -0400


from cert advisory CA-97.21:

As df will no longer work for non-root users, we recommend removing
the execute permissions for them also.

this is false.  without the setuid bit, df works just fine for
non-root users (at least under 6.2).  the only effect is that the
little-used and expensive '-f' option (which forces df to scan the
free block list and hence requires access to the device) won't work.
there's no good reason to take away execute permission from df, unless
your users are likely to be extremely confused by the lack of the '-f'
option.
                                dk



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault