[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: FW: [cobalt-security] Local Root exploit

Subject: Re: FW: [cobalt-security] Local Root exploit
From: Michael Stauber <cobalt@xxxxxxxxxxxxxx>
Date: Mon, 23 Sep 2002 23:22:23 +0200
Organization: SOLARSPEED.NET
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Hi Eugene,

> If an admin has /etc/shadow world-readable than he is in trouble almost
> as bad as exploitable /usr/lib/authenticate ;-)

He sure is. But I'm not going to comment that further, otherwise I'd be 
venting at a certain ... vendor. ;o)

> Not exactly right.  /etc/passwd *should* be world readable.  

Outch ... yeah, of course you're right. Sorry, I spoke too soon.

-- 

With best regards,

Michael Stauber
mstauber@xxxxxxxxxxxxxx
Unix/Linux Support Engineer

References:
- Re: FW: [cobalt-security] Local Root exploit
  - From: Brett Wright
- Re: FW: [cobalt-security] Local Root exploit
  - From: Michael Stauber
- Re: FW: [cobalt-security] Local Root exploit
  - From: Eugene Crosser

Prev by Date: RE: FW: [cobalt-security] Local Root exploit
Next by Date: RE: FW: [cobalt-security] Local Root exploit
Previous by thread: RE: FW: [cobalt-security] Local Root exploit
Next by thread: Re: FW: [cobalt-security] Local Root exploit

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index