Fwd: BSD-fileflags
I realize this isn't bugs, or the security list, but I still was interested,
as file flags came up recently. Can anyone tell if this same problem is in
Open? Thanks.
p.s.
please reply to jastrckl@memphis.edu
>From: stealth@DIONE.IDS.PL
>Reply-To: stealth@DIONE.IDS.PL
>To: BUGTRAQ@NETSPACE.ORG
>Subject: BSD-fileflags
>Date: Fri, 2 Jul 1999 13:55:22 -0400
>
>Good morning,
>
>'The design and implementation of the 4.4 BSD operating system'
>page 263:
>
>"... Security levels are defined as follows:
>-1. [...]
>
> 0. [...]
>
> 1. Secure mode: The superuser-settable immutable and append-only flags
> cannot be cleared; [...]
>
> 2. [...]
>
>"
>
>That's not true. You can do it either with fsdb or with the appended
>exploit code. Sorry for that fat mail, but the code is not uploaded on my site
>yet, but I guess you also will find it there soon...
>The README describes exactly why you can erase these flags in level 1.
>I already sent it to some friends and we found it working at least with
>FreeBSD (3.1). I guess that this is a general problem. Perhaps someone
>verifies this on other BSDs too.
>
>Solution
>--------
>
>If fileflags are part of your security-concept, use security level 2, not
>1.
>(sure, level 2 might also have been broken...)
>
>cheers,
>Stealth
>
>: ---- main(){fork();main();} ----
>: Hi! I'm a .signature virus! Copy me into your ~/.signature, please!
>: Stealth <-> http://www.kalug.lug.net/stealth
>