Solaris permission problem(newbie)
Mike Bilow
mikebw at colossus.bilow.com
Fri Apr 28 11:01:50 EDT 2000
On Fri, 28 Apr 2000, Jerry Callen wrote:
> Mike Bilow wrote:
> >
> > I don't know what book you're reading, but /tmp and /var/tmp damn well
> > ought to be mode 1777 or everyone on the system can become root.
> > Especially on a Solaris machine where the exploit is well known and
> > publicly available, allowing anything other than 1777 is a recipe for
> > disaster. While we're on this subject, /tmp and /var/tmp had also better
> > be owned by root.root, or similar kinds of bad things will occur.
>
> This is all (very interesting) news to me. Can you provide a pointer
> to a description of the problem?
These are pretty ancient...
ftp://ftp.auscert.org.au/pub/auscert/advisory/AA-95.07.Incorrect.Permissions.on.tmp.may.allow.root.access
...which is quoted in...
http://www.cert.org/ftp/cert_advisories/CA-95:09.Solaris-ps.vul
> For that matter, what sources should a sysadmin use when trying to secure
> a system? I've done a fair amount of reading about firewalls & such, but
> clearly there's STILL an awful lot I don't know. And what I don't know WILL
> hurt me.
There are numerous checklists covering the basic stuff. For example:
http://www.auscert.org.au/Information/Auscert_info/papers.html
http://www.cert.org/nav/securityimprovement.html
http://uwsg.ucs.indiana.edu/usail/tasks/security/security.html
In general, any directory which is world-writable should be "sticky."
-- Mike
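
One way to check the points made in this message, as an added example that is not part of the original post: it reports when /tmp or /var/tmp is not mode 1777 owned by root.root, and lists world-writable directories that lack the sticky bit. The function names and the default scan root (/var) are assumptions chosen for illustration.

```python
import os
import stat
import sys

def check_tmp_dir(path, expected_uid=0, expected_gid=0):
    """Return findings for a shared temp directory; an empty list means OK."""
    st = os.lstat(path)  # lstat: do not follow a symlink planted at path
    if not stat.S_ISDIR(st.st_mode):
        return [f"{path}: not a real directory"]
    findings = []
    mode = stat.S_IMODE(st.st_mode)
    if mode != 0o1777:
        findings.append(f"{path}: mode {mode:04o}, expected 1777")
    if (st.st_uid, st.st_gid) != (expected_uid, expected_gid):
        findings.append(f"{path}: owner {st.st_uid}.{st.st_gid}, "
                        f"expected {expected_uid}.{expected_gid}")
    return findings

def find_unsticky_world_writable(root):
    """Return directories under root that are world-writable but not sticky."""
    hits = []
    root_dev = os.lstat(root).st_dev
    for dirpath, dirnames, _files in os.walk(root, followlinks=False):
        try:
            st = os.lstat(dirpath)
        except OSError:
            dirnames[:] = []  # vanished or unreadable: skip this subtree
            continue
        if st.st_dev != root_dev:
            dirnames[:] = []  # stay on one filesystem, like find -xdev
            continue
        if (st.st_mode & stat.S_IWOTH) and not (st.st_mode & stat.S_ISVTX):
            hits.append(dirpath)
    return sorted(hits)

if __name__ == "__main__":
    problems = []
    for tmp in ("/tmp", "/var/tmp"):
        problems += check_tmp_dir(tmp)
    # Assumed default scan root is /var; pass another directory as argv[1].
    scan_root = sys.argv[1] if len(sys.argv) > 1 else "/var"
    problems += [f"{d}: world-writable without sticky bit"
                 for d in find_unsticky_world_writable(scan_root)]
    print("\n".join(problems) if problems else "no findings")
    sys.exit(1 if problems else 0)
```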