[Tiger-user] Warning about an inetd entry
From: Bob Hall
Subject: [Tiger-user] Warning about an inetd entry
Date: Tue, 5 Nov 2002 10:13:49 -0800 (PST)
Hi,
I wanted to ask a question concerning a particular warning
issued by TIGER. This warning comes from the module that
checks the inetd entries from /etc/inetd.conf. The warning
is of the form:
--WARN-- [inet008] inetd entry for XXXXX uses `YYYYY'
which contains `ZZZZZ' which is not owned by root (owned by WWW).
for the service name XXXXX, program YYYYY, directory ZZZZZ
(owned by user WWW) and user WWW. (This is for a COTS product,
installed per the vendor's instructions.)
Now the inetd.conf entry in question has a user ID of WWW.
YYYYY is a root-owned symbolic link to a binary file that
is setuid WWW. So could somebody explain to me why this is
a potential security vulnerability? Isn't the service being
run as real and effective UID WWW, so it has fewer privileges
than if it was run by root?
Thank you.
--
Bob
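
The kind of check this warning reports can be sketched as below. This is an added example, not part of the original message and not Tiger's own code; the sample inetd.conf entries, the paths and the function names are constructed for illustration. It walks each directory leading to an entry's server program and reports those not owned by root, because the owner of a directory controls which file a name inside it refers to.

```python
import os
from pathlib import PurePosixPath

# Constructed sample in inetd.conf layout (not from the original message):
# service  socket  proto  wait  user  server-program  arguments
SAMPLE_INETD = """\
# constructed entries
ftp     stream tcp nowait root /usr/sbin/in.ftpd in.ftpd -l
xxxxx   stream tcp nowait www  /opt/vendor/bin/yyyyy yyyyy
daytime stream tcp nowait root internal
"""

def parse_inetd(text):
    """Yield (service, user, program) for entries that run an external program."""
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0].startswith("#"):
            continue
        if len(fields) < 6 or fields[5] == "internal":
            continue  # malformed line or a service built into inetd
        yield fields[0], fields[4], fields[5]

def untrusted_dirs(program, trusted_uids=frozenset({0}), lstat=os.lstat):
    """Return [(directory, owner_uid)] for each directory on the way to
    `program` whose owner is not in trusted_uids (default: root only)."""
    findings = []
    for directory in reversed(PurePosixPath(program).parents):
        try:
            uid = lstat(str(directory)).st_uid
        except OSError:
            continue  # component missing or unreadable: nothing to compare
        if uid not in trusted_uids:
            findings.append((str(directory), uid))
    return findings

def audit(text, lstat=os.lstat):
    """Return (service, program, directory, owner_uid) for every finding."""
    return [(service, program, directory, uid)
            for service, _user, program in parse_inetd(text)
            for directory, uid in untrusted_dirs(program, lstat=lstat)]

if __name__ == "__main__":
    # lstat does not follow symbolic links, so a link's target path is not walked here.
    for service, program, directory, uid in audit(SAMPLE_INETD):
        print(f"{service}: {program} is reached through {directory}, owned by uid {uid}")
```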