Home page logo

bugtraq logo Bugtraq mailing list archives

Re: Solaris 2.x chkperm/arp vulnerabilities
From: casper () HOLLAND SUN COM (Casper Dik)
Date: Fri, 3 Dec 1999 09:19:39 +0100

Arp bug Verified for my Solaris 5.6 and 5.5.1 Installs.

$ uname -a
SunOS pangea 5.5.1 Generic_103640-26 sun4u sparc SUNW,Ultra-5_10

# uname -a
SunOS vapid 5.6 Generic_105181-05 sun4u sparc SUNW,Ultra-5_10

$ ls -l /etc/bin
-rw-rw----   1 bin      bin           23 Dec  1 13:54 /etc/bin

On both machines I could read bin:bin owned files as a regular joe user with arp

You can safely remove the set-gid bin from arp; I'm not sure why it's
still there or in what cases it needs such privileges.

I don't think group bin ever had any files or devices
readable only to it; I can't figure out why it was ever made
set-gid bin.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]