Re: Fwd: Multiple vendor 'Taylor UUCP' problems.

From: Kris Kennaway (kris@obsecurity.org)
Date: 09/09/01 

Date: Sat, 8 Sep 2001 18:08:48 -0700
From: Kris Kennaway <kris@obsecurity.org>
To: "Andrey A. Chernov" <ache@nagual.pp.ru>

On Sun, Sep 09, 2001 at 04:52:27AM +0400, Andrey A. Chernov wrote:
> On Sat, Sep 08, 2001 at 17:43:04 -0700, Kris Kennaway wrote:
> > On Sat, Sep 08, 2001 at 05:02:57PM -0700, Kris Kennaway wrote:
> >
> > > Looks like setting the schg flag is the only feasible containment
> > > solution for now.
> >
> > Here's a proposed fix. It just disallows anyone other than root from
> > specifying an alternate configuration file, for the setuid utilities
> > (which was the cause of the vulnerability here, AFAIK).
>
> What you try to fix this way? It brokes normal users dialing to theirs
> systems, they always specify their own files. Consider uu* as user level
> utilities. The only point of restriction is restrict their access to
> dialing devices, not to utulities.

The vulnerability involves uucp being made to run arbitrary commands
as the uucp user through specifying a custom configuration file - see
bugtraq. There may be other problems resulting from user-specified
configuration files. I don't have time to go through the code and fix
up the revocation of privileges right now..in the meantime, this
prevents the root exploit where a user replaces a uucp-owned binary
like uustat, which is called daily by /etc/periodic.

Kris

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Relevant Pages

  • Re: Search function results in program freeze: Word2007
    ... I suspect that the hot fix wasn't incorporated in the last Office patch after all. ... I'm wondering if there is some configuration file or something that does NOT ... or possibly a problem with the docx file ... No luck, it still ...
    (microsoft.public.word.application.errors)
  • Re: Gone on Safari
    ... It's still a command line fix. ... It's a compact, explicit way of specifying what needs to be done. ...
    (uk.comp.sys.mac)
  • GNOME settings on start up
    ... I am having a bit of a problem with the services that GNOME triggers on start up, and would like some ideas on how to fix these. ... Anyway, one of the issues I am finding is that the gnome-screensaver is triggered on start up and runs in the background, but despite being configured to kick in after 20 minutes of inactivity, it doesn't. ... Startup Programs) does not fix the issue; similarly, whilst I have kmail and korganizer selected to start at session start up these don't automatically start either. ... I am thinking that there must be a configuration file somewhere, but I cannot find it so that I can change these settings through the configuration file directly rather than through a user window/ dialogue box. ...
    (Debian-User)
  • [ANNOUNCE] GIT 1.3.3
    ... The latest maintenance release GIT 1.3.3 is available at the ... Future-proofing configuration file syntax by Linus. ... Fix git-pack-objects for 64-bit platforms ...
    (Linux-Kernel)
  • Re: Problems with mail function
    ... It was a simple fix: ... figuring out what was wrong:( ... In your php.ini configuration file, make sure the sendmail command has ...
    (comp.lang.php)