lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Pine.LNX.4.64.0609080806550.16223@shalla.de>
Date: Fri, 8 Sep 2006 08:09:51 +0200 (CEST)
From: Christine Kronberg <seeker@...lla.de>
To: Raj Mathur <raju@...ux-delhi.org>
Cc: bugtraq@...urityfocus.com
Subject: Re: [Full-disclosure] Linux kernel source archive vulnerable

On Fri, 8 Sep 2006, Raj Mathur wrote:
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>>>>>> "Hadmut" == Hadmut Danisch <hadmut@...isch.de> writes:
>
>    Hadmut> [snip]
>
>    Hadmut> When unpacking such an archive, tar also sets the uid,
>    Hadmut> gid, and file permissions given in the tar
>    Hadmut> archive. Unfortunately, plenty of files and directories in
>    Hadmut> that archive are world writable. E.g. in the 2.6.17.11
>    Hadmut> archive, there are 1201 world writable directories and
>    Hadmut> 19554 world writable files.
>
> I wouldn't know if something has changed drastically between 2.6.16
> and 2.6.17.11, but:
>
> raju@...l:~$ find /usr/src/linux-2.6.16/ -perm -666 ! -type l
> raju@...l:~$
>
> Not a single world-writable file or directory.  Perhaps pre-release
> kernel tarballs are more lax?

   Seems to. I just checked linux-2.6.13 and linux-2.6.17.6. While the
   first has no world writeable files or directories at all the latter
   has tons of it. Interesting.

   Cheers,

   Chris Kronberg.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ