[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: FW: [cobalt-security] Local Root exploit

Subject: Re: FW: [cobalt-security] Local Root exploit
From: Michael Stauber <cobalt@xxxxxxxxxxxxxx>
Date: Mon, 23 Sep 2002 15:38:35 +0200
Organization: SOLARSPEED.NET
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Hi Rene,

> Now if it works for normal sites also, it means your shadow password
> file is world readable...  Do you prefer world readable shadow file or suid
> bit on authenticate? :o)

I do indeed prefer world readable shadow file over an exploitable SUID 
programm any time of the day, but that's a call which anyone has to make for 
him-/herself. ;o)

-- 

With best regards,

Michael Stauber
mstauber@xxxxxxxxxxxxxx
Unix/Linux Support Engineer

References:
- Re: FW: [cobalt-security] Local Root exploit
  - From: Brett Wright
- Re: FW: [cobalt-security] Local Root exploit
  - From: Michael Stauber
- Re: FW: [cobalt-security] Local Root exploit
  - From: Rene Luria

Prev by Date: Re: FW: [cobalt-security] Local Root exploit
Next by Date: Re: FW: [cobalt-security] Local Root exploit
Previous by thread: Re: FW: [cobalt-security] Local Root exploit
Next by thread: Re: FW: [cobalt-security] Local Root exploit

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index