-x implementations
Peter da Silva
peter at ficc.ferranti.com
Fri Mar 8 05:44:46 AEST 1991
In article <1991Mar07.091123.13033 at kithrup.COM> sef at kithrup.COM (Sean Eric Fagan) writes:
> (Actually, I had a fun few minutes, because it kept telling me that I had
> write permission to /etc/passwd without having to be root [I made my binary
> suid root]. If occurred to me, after a while, that the file was group
> writable, and, now that multiple groups work, I happen to be in the
> "correct" group to write to it. Neat...)
Isn't this a security hole? I mean, once you can write to the password file
you have the keys to the kingdom. I hope this goes away when you turn off C2.
--
Peter da Silva. `-_-' peter at ferranti.com
+1 713 274 5180. 'U` "Have you hugged your wolf today?"
More information about the Comp.unix.programmer
mailing list