| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <200403221808.i2MI88mg000927@turing-police.cc.vt.edu>
From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks@...edu)
Subject: AIX 4.3.3 has make sgid 0?
On Mon, 22 Mar 2004 15:16:15 GMT, BoneMachine <bonemach@....lonestar.org> said:
> Hello
> I was browsing the SecurityFocus vulnerability database and found the following:
> http://www.securityfocus.com/bid/9903
> "Because the make utility is reported to run with setGID root privileges, a local attacker may potentially exploit this condition to gain access to the root group"
>
> Is this true ? I cannot believe that IBM has an setGID root-bit on the make utillity. This goes against all security practices I've ever heard.
Looks like a crock to me. We still have one AIX 4.3.3 box left around:
[~]1 uname
AIX
[~]1 oslevel
4.3.3.0
[~]1 ls -l /bin/make
lrwxrwxrwx 1 bin bin 17 Feb 12 2003 /bin/make -> /usr/ccs/bin/make
[~]1 ls -lL /bin/make
-r-xr-xr-x 1 bin bin 90234 Jul 18 2001 /bin/make
[~]1 lslpp -L bos.adt.base
Fileset Level State Description
----------------------------------------------------------------------------
bos.adt.base 4.3.3.77 C Base Application Development
Toolkit
So if it was ever sgid 0, IBM fixed that sometime before July 2001.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040322/cab591f9/attachment.bin
Powered by blists - more mailing lists