Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Vulnerability Development mailing list archives

Re: /dev/urandom | logger "issue"
From: Michal Zalewski <lcamtuf () DIONE IDS PL>
Date: Tue, 22 Aug 2000 11:26:28 +0200
On Mon, 21 Aug 2000, Vitaly McLain wrote:


I know I'll probably wind up sounding like an idiot, but why is that on
Linux boxes normal users have so much access to /var/log/messages via
"logger"? Any user can do:

cat /dev/urandom | logger &


On Linux boxes, you have 0666 permissions on /dev/log. That's it, you can
not only forge messages (logger -p 0 -t kernel "blah"), but also... forge
date (I reported it some time ago, and written nice utility called suncat
- uc - for I/O operations on unix sockets from command-line).

Smart people changes these permissions to something more restrictive.

_______________________________________________________
Michal Zalewski [lcamtuf () tpi pl] [tp.internet/security]
[http://lcamtuf.na.export.pl] <=--=> bash$ :(){ :|:&};:
=-----=> God is real, unless declared integer. <=-----=

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]