Bugtraq: Re: Why you should avoid world-writable directories

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: Why you should avoid world-writable directories

From: casper () HOLLAND SUN COM (Casper Dik)
Date: Wed, 23 Dec 1998 10:16:40 +0100

getpeeruid() has a problem since multiple processes may write to one
datagram socket, also processes can change uid and file handles can be
passed around.

Both recent *BSD and Linux 2.1.x have per message authentication data
for AF_UNIX sockets that is available as a control message (ie you can
get it via recvmsg()).



Also, on systems that have STREAMs based loopback transports, support
exists to get the other ends credentials in a similar manner.

This is used for authentication on Solaris 2.x loopback rpc
(rpcbind, vold, autofsd, keyserv)

Casper

By Date By Thread

Current thread:

Re: Verifying file data integrity using L6, (continued)
- Re: Verifying file data integrity using L6 Marc SCHAEFER (Dec 20)
  - Re: Verifying file data integrity using L6 Curt Sampson (Dec 21)
  - Why you should avoid world-writable directories D. J. Bernstein (Dec 21)
    - Re: Why you should avoid world-writable directories Darren Reed (Dec 22)
    - Re: Why you should avoid world-writable directories Alan Cox (Dec 22)
    - Re: Why you should avoid world-writable directories Casper Dik (Dec 23)
    - Re: Why you should avoid world-writable directories Martin Forssen (Dec 23)
    - Linux PAM (up to 0.64-2) local root compromise Michal Zalewski (Dec 23)
    - Re: Linux PAM (up to 0.64-2) local root compromise Savochkin Andrey Vladimirovich (Dec 24)
    - 3COM Documentation backdoors in CB3500 Pedro Ribeiro (Dec 23)
    - New perl module Net::RawIP Sergey V. Kolychev (Dec 22)