[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Why a+x inetd permissions?

To: "misc@openbsd.org" <misc@openbsd.org>
Subject: Why a+x inetd permissions?
From: rick <rick@mail.artmold.com>
Date: Tue, 07 Mar 2000 08:38:38 -0500


Why is inetd world-executable by default?

Is there any legitamite reason for anyone other than root to run it?
Or, if it's run by "nobody" or some such, the owner could be changed
to that user...

I read this on another list, a response to someone asking about some
ports he's not filtering:

> If so, you may suffer from inetd "trojan" such as bob exploit.
> It works like this on statd buffer overflow:
> 
> echo "ingreslock stream tcp nowait root /bin/sh sh -c" >/tmp/bob; inetd /tmp/bob
> 
> then 'telnet victim ingreslock' would give the attacker root shell. (My memory
> may not be sufficiently good. See comp.security.unix archive around last
> August.)

-- 
  rick -- A mind is like a parachute...it only works when it's open.
---------------
My opinions don't exist, and as such, are not anyone elses. I do not 
represent anyone, not even myself, and especially not my employer.
---
Looking for a 68 Camaro, details at http://dingo.mcrnet.net
---
ICQ# 1590117  rick@mail.artmold.com (work)  thc@psynet.net (home)

Follow-Ups:
- Re: Why a+x inetd permissions?
  - From: Janne Johansson <jj@dynarc.se>
- Re: Why a+x inetd permissions?
  - From: Tamas TEVESZ <ice@extreme.hu>
- Re: Why a+x inetd permissions?
  - From: John Horn <jhorn1@desperate.ci.tucson.az.us>

Prev by Date: Keyboard, plug and... play?
Next by Date: Re: Keyboard, plug and... play?
Prev by thread: Re: Keyboard, plug and... play?
Next by thread: Re: Why a+x inetd permissions?
Index(es):
- Date
- Thread