Re: bash

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
Subject: Re: bash
From: Paul Howarth <paul@xxxxxxxxxxxx>
Date: Wed, 07 Dec 2005 15:29:03 +0000
In-reply-to: <20051207133832.GA22723@xxxxxxxxxxxxx>
List-help: <mailto:[email protected]?subject=help>
List-id: For users of Fedora Core releases <fedora-list.redhat.com>
List-post: <mailto:[email protected]>
List-subscribe: <https://www.redhat.com/mailman/listinfo/fedora-list>, <mailto:[email protected]?subject=subscribe>
List-unsubscribe: <https://www.redhat.com/mailman/listinfo/fedora-list>, <mailto:[email protected]?subject=unsubscribe>
References: <060e01c5faea$8901b950$0201a8c0@dw1> <200512070110.55198.gene.heskett@xxxxxxxxxxx> <20051207124844.GB20861@xxxxxxxxxxxxx> <200512070812.17209.gene.heskett@xxxxxxxxxxx> <20051207133832.GA22723@xxxxxxxxxxxxx>
Reply-to: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
User-agent: Mozilla Thunderbird 1.0.7-1.1.fc4 (X11/20050929)

Matthew Miller wrote:

On Wed, Dec 07, 2005 at 08:12:17AM -0500, Gene Heskett wrote:
Cos' that user is only allowed to do cp mv and chmod, not anything
else.
And thats enough to own the box.
How?
If he can cp and mv something malicious, then chown it to a lowernumbered user, I think he could gain root privs if he was suitablycreative. Maybe not, but it would certainly bear watching/logging IMO.
ch*mod*, not chown. :)

Regular users can't normally run chown anyway, because these "filegiveaways" are a well-known security issue.


Paul.

References:
- bash
  - From: LC
- Re: bash
  - From: Gene Heskett
- Re: bash
  - From: Matthew Miller
- Re: bash
  - From: Gene Heskett
- Re: bash
  - From: Matthew Miller

Prev by Date: RE: SSH Security
Next by Date: Re: bash
Previous by thread: Re: bash
Next by thread: Re: bash
Index(es):
- Date
- Thread

[Index of Archives] [Current Fedora Users] [Fedora Desktop] [Fedora SELinux] [Yosemite News] [Yosemite Photos] [KDE Users] [Fedora Tools] [Fedora Docs]