Re: LYNX-DEV Alleged Lynx security emergency
From: Bela Lubkin
Subject: Re: LYNX-DEV Alleged Lynx security emergency
Date: Wed, 2 Jul 1997 20:39:27 +0000
Wayne Buttles wrote:
> The following as root will trash /dev/null
>
> #include <stdio.h>
> main()
> {
>     FILE *fd;
>     fd = fopen("/dev/null", "w");
>     fclose(fd);
>     remove("/dev/null");
> }
That's as it should be -- you do something stupid as root, you lose.
That's why you try to avoid running as root.
> It will also trash /dev/null (on linux) as root su'd to a normal user. If
> the system you are on gives normal users write access to that file then
> that also may open it up for trashing.
If this is true then it's a bug in Linux's Unix security implementation.
Before you and I go around maligning Linux, though, you might want to
identify the version you tried it on. Try on a recent 2.1.3x (whatever
it's up to...)
(Figure out *why* -- is /dev world-writable? Is root-su-to-user running
with the egid that owns /dev, and /dev is group-writable?)
>Bela<