Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

slight misinformation in CA-97.21
From: davek () RESEARCH ATT COM (Dave Kormann)
Date: Thu, 17 Jul 1997 10:15:06 -0400

from cert advisory CA-97.21:


As df will no longer work for non-root users, we recommend removing
the execute permissions for them also.


this is false.  without the setuid bit, df works just fine for
non-root users (at least under 6.2).  the only effect is that the
little-used and expensive '-f' option (which forces df to scan the
free block list and hence requires access to the device) won't work.
there's no good reason to take away execute permission from df, unless
your users are likely to be extremely confused by the lack of the '-f'
option.
                                dk

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]