FOLLOWUP (2): Symlink/Core Security Hole for DU 4.0B

From: Britton Johnson <johnson_at_lindenwood.edu>
Date: Wed, 13 May 1998 11:04:39 -0500 (CDT)

Hello gurus,
        This thread has been wrapped up very neatly, but I had one more
question. Please forgive any "cluelessness" in advance. The consensus
was that Yes, removing other read permissions looks like it works and
noone has seen any negative effects... however, is it just read access one
should remove or should I also remove other execute access? Like I said,
I'm somewhat new to this and was trying to be perfectly clear.


> > I contacted Digital CSC and was informed there may not be a patch for
> > Digital UNIX 4.0B at this time but the engineer suggested a work
> > around. Basically, turn on Enhanced C2 security and disable the
> > creation of core files [ ... ]
>
> For those who feel this may be a little too drastic, or otherwise
> inconvenient, you might simply want to remove "other" read permission on
> your SUID binaries. As it happens, a program won't dump core if the user
> can't read the binary.


Thanks,

Britt



            | Britton Johnson, Ass't System Admin. |
            | Lindenwood University, St. Charles, MO |
            | johnson_at_lindenwood.edu |
Received on Wed May 13 1998 - 18:06:02 NZST

This archive was generated by hypermail 2.4.0 : Wed Nov 08 2023 - 11:53:37 NZDT