Open Source and information security mailing list archives
 
Message-ID: <20070112211847.GA17887@brucia.ulcc.ac.uk>
Date: Fri, 12 Jan 2007 21:18:47 +0000
From: Ben Wheeler <b.wheeler@...c.ac.uk>
To: Dave Moore <dave.j.moore@...il.com>
Cc: bugtraq <bugtraq@...urityfocus.com>, steven@...terwebnet.com,
	dennis.jackson@...rect.co.uk
Subject: Re: slocate leaks filenames of protected directories

On Thu, Jan 11, 2007 at 12:50:49PM -0600, Dave Moore wrote:
> chmod 711 dir
> sets permissions: drwx--x--x
> 
> But for directories the x doesn't mean executable, it means
> searchable. 
...
> 
> Or am I missing something?

You're missing what "searchable" means. It means you can cd into
the directory and you can access files within the directory *if*
you know their exact name (and have appropriate perms on those files)
but you *cannot* list the directory's contents. Thus if slocate
allows you to list the contents of such a directory just by
specifying the name of the directory, or a single character of
a file within the directory, it is laxer security than the directory
permissions allow. Not the world's most pressing security problem, 
but a problem nonetheless.

Ben
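
The search-versus-list distinction described above, as an added example that is not part of the original message and is not slocate's code: a locate-style lookup that withholds any name whose ancestor directories the requesting user could not have listed. The directory metadata, the filename database, the uids and the function names are all constructed for illustration, and requiring both r and x on every ancestor is an assumed, conservative policy.

```python
from pathlib import PurePosixPath

# Constructed sample metadata: directory -> (mode, owner uid, group gid).
DIRS = {
    "/": (0o755, 0, 0),
    "/home": (0o755, 0, 0),
    "/home/dave": (0o711, 1000, 1000),        # drwx--x--x: search-only for others
    "/home/dave/public": (0o755, 1000, 1000),
}
# Constructed sample of a locate-style filename database.
DB = ["/home/dave/notes.txt", "/home/dave/public/index.html", "/home/motd"]


def class_bits(mode, owner, group, uid, gids):
    """Return the rwx triplet that applies to this user: owner, group, or other."""
    if uid == owner:
        return (mode >> 6) & 0o7
    if group in gids:
        return (mode >> 3) & 0o7
    return mode & 0o7


def can_list(meta, uid, gids):
    """r lets the user read names, x lets them traverse; require both here."""
    if uid == 0:                      # root bypasses directory permission checks
        return True
    mode, owner, group = meta
    return (class_bits(mode, owner, group, uid, gids) & 0o5) == 0o5


def visible(path, uid, gids, dirs=DIRS):
    """True only if every ancestor directory is listable by the user.
    Directories missing from the metadata fail closed."""
    for parent in PurePosixPath(path).parents:
        meta = dirs.get(str(parent))
        if meta is None or not can_list(meta, uid, gids):
            return False
    return True


def locate(pattern, uid, gids, db=DB):
    """Substring search that withholds names the user could not have listed."""
    return [p for p in db if pattern in p and visible(p, uid, gids)]


if __name__ == "__main__":
    print(locate("dave", 1001, {1001}))   # another local user
    print(locate("dave", 1000, {1000}))   # the directory owner
```

Under this policy the file below `/home/dave/public` is also withheld from other users: they could open it by exact name, but they could not have discovered that name by listing.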
