Re: [cobalt-security] [SECURITY WARNING] All Neomail users
- Subject: Re: [cobalt-security] [SECURITY WARNING] All Neomail users
- From: Michael Stauber <cobalt@xxxxxxxxxxxxxx>
- Date: Mon, 19 Nov 2001 20:32:45 +0100
- Organization: Stauber Multimedia Design
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Hi Taco,
> Michael, I understand your concern, but please be aware that any local user
> is able to get root permissions if you leave suidperl suid. Please see:
>
> http://www.securityfocus.com/archive/1/74168
I'm aware of that issue and have long since done away with the hole-riddled
"mail" and even upgraded "pine" a few times until I did away with it, too.
With missing "mail", "usleep" and reniced suidperl I felt pretty much on the
safe side.
I have eliminated my need for suidperl suid over the weekend by rewriting my
application. You know how that goes ... most of the time the need for suid
is a lack of proper programming or outright laziness. ;o)
> Being SUID root is not the issue here. Being vulnerable AND being SUID root
> is. Therefore I replaced the permissions on suidperl with the ones as the
> RaQ/Qube was delivered to you and added two SUID wrapper programs that will
> run without any security problems.
Thanks for the info, Taco. Out of curiosity: where are those wrappers
located? In the Neomail directory?
--
With best regards,
Michael Stauber