Solaris permission problem(newbie)
Jerry Callen
jcallen at narsil.com
Fri Apr 28 09:10:59 EDT 2000
Mike Bilow wrote:
>
> I don't know what book you're reading, but /tmp and /var/tmp damn well
> ought to be mode 1777 or everyone on the system can become root.
> Especially on a Solaris machine where the exploit is well known and
> publicly available, allowing anything other than 1777 is a recipe for
> disaster. While we're on this subject, /tmp and /var/tmp had also better
> be owned by root.root, or similar kinds of bad things will occur.
This is all (very interesting) news to me. Can you provide a pointer
to a description of the problem?
For that matter, what sources should a sysadmin use when trying to secure
a system? I've done a fair amount of reading about firewallS & such, but
clearly there's STILL an awful lot I don't know. And what I don't know WILL
hurt me.
-- Jerry Callen Mobile: 617-388-3990
Narsil FAX: 617-876-5331
63 Orchard Street email: jcallen at narsil.com
Cambridge, MA 02140-1328
PGP public keys available from http://pgp.ai.mit.edu
fingerprints:
DH/DSS key ID 0x1806252C: 7669 A4CD 759A 6EB7 AF04
C10D B659 2A4B 1806 252C
RSA key ID 0x99F7AAE5: D265 DC9C 13FD 6110
30F5 1874 A206 24B1
-
Subcription/unsubscription/info requests: send e-mail with
"subscribe", "unsubscribe", or "info" on the first line of the
message body to discuss-request at blu.org (Subject line is ignored).
More information about the Discuss
mailing list