[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: FW: [cobalt-security] Local Root exploit
- Subject: Re: FW: [cobalt-security] Local Root exploit
- From: Michael Stauber <cobalt@xxxxxxxxxxxxxx>
- Date: Mon, 23 Sep 2002 15:38:35 +0200
- Organization: SOLARSPEED.NET
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Hi Rene,
> Now if it works for normal sites also, it means your shadow password
> file is world readable... Do you prefer world readable shadow file or suid
> bit on authenticate? :o)
I do indeed prefer world readable shadow file over an exploitable SUID
programm any time of the day, but that's a call which anyone has to make for
him-/herself. ;o)
--
With best regards,
Michael Stauber
mstauber@xxxxxxxxxxxxxx
Unix/Linux Support Engineer