Re: slocate bug.
From: Larry W. Cashdollar (lwc@vapid.dhs.org)Date: 02/17/02
- Previous message: Kurt Seifried: "Re: slocate bug."
- In reply to: Kurt Seifried: "Re: slocate bug."
- Next in thread: Larry W. Cashdollar: "Re: slocate bug."
- Next in thread: John Adair: "RE: slocate bug."
- Reply: Larry W. Cashdollar: "Re: slocate bug."
- Reply: Rodrigo Barbosa: "Re: slocate bug."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 16 Feb 2002 18:31:42 -0500 (EST) From: "Larry W. Cashdollar" <lwc@vapid.dhs.org> To: Kurt Seifried <bugtraq@seifried.org>
Kurt Seifried wrote:
> Ack ergh sputter (brain burp, my bad!). Yes, unless the group write bit is
> set it is not an issue (and that shouldn't happen). Just checked and none of
> the files group slocate owns on Red Hat 7.2 are writeable, so that's good,
> but I can't speak for other distros, so you should check: "find / -group
> slocate -perm +0020", note that any symlinks owned by group slocate will
> show up. Considering the number of errors vendors make on file permissions
> it is certainly possible someone has a slocate binary writeable by group
> slocate.
>
I attempted this on a Mandrake 8.0 machine I have, I only found the slocate
and locate binaries with group owned permissions. Perhaps someone can
check another distro?
-- Larry C$
- Previous message: Kurt Seifried: "Re: slocate bug."
- In reply to: Kurt Seifried: "Re: slocate bug."
- Next in thread: Larry W. Cashdollar: "Re: slocate bug."
- Next in thread: John Adair: "RE: slocate bug."
- Reply: Larry W. Cashdollar: "Re: slocate bug."
- Reply: Rodrigo Barbosa: "Re: slocate bug."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
