Full Disclosure: Re: AIX 4.3.3 has make sgid 0?

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Full Disclosure mailing list archives

Re: AIX 4.3.3 has make sgid 0?

From: Valdis.Kletnieks () vt edu
Date: Mon, 22 Mar 2004 13:08:08 -0500

On Mon, 22 Mar 2004 15:16:15 GMT, BoneMachine <bonemach () sdf lonestar org>  said:

Hello
I was browsing the SecurityFocus vulnerability database and found the following:
http://www.securityfocus.com/bid/9903
"Because the make utility is reported to run with setGID root privileges, a local attacker may potentially exploit 
this condition to gain access to the root group"

Is this true ? I cannot believe that IBM has an setGID root-bit on the make utillity. This goes against all security 
practices I've ever heard.


Looks like a crock to me.  We still have one AIX 4.3.3 box left around:

[~]1 uname
AIX
[~]1 oslevel
4.3.3.0
[~]1 ls -l /bin/make
lrwxrwxrwx   1 bin      bin           17 Feb 12 2003  /bin/make -> /usr/ccs/bin/make
[~]1 ls -lL /bin/make                                        
-r-xr-xr-x   1 bin      bin        90234 Jul 18 2001  /bin/make
[~]1 lslpp -L bos.adt.base
  Fileset                      Level  State  Description
  ----------------------------------------------------------------------------
  bos.adt.base              4.3.3.77    C    Base Application Development
                                             Toolkit

So if it was ever sgid 0, IBM fixed that sometime before July 2001.

Attachment: _bin
Description:

By Date By Thread

Current thread:

AIX 4.3.3 has make sgid 0? BoneMachine (Mar 22)
- Re: AIX 4.3.3 has make sgid 0? Valdis . Kletnieks (Mar 22)
- Re: AIX 4.3.3 has make sgid 0? Darren Tucker (Mar 23)
  - Re: AIX 4.3.3 has make sgid 0? Sullivan . Danielj (Mar 23)