From owner-freebsd-security Thu Aug 17 6:16:13 2000
Delivered-To: freebsd-security@freebsd.org
Received: from point.osg.gov.bc.ca (point.osg.gov.bc.ca [142.32.102.44]) by hub.freebsd.org (Postfix) with ESMTP id 57AD737B61D for ; Thu, 17 Aug 2000 06:16:06 -0700 (PDT)
Received: (from daemon@localhost) by point.osg.gov.bc.ca (8.8.7/8.8.8) id GAA14632 for ; Thu, 17 Aug 2000 06:16:01 -0700
Received: from passer.osg.gov.bc.ca(142.32.110.29) via SMTP by point.osg.gov.bc.ca, id smtpda14628; Thu Aug 17 06:15:50 2000
Received: (from uucp@localhost) by passer.osg.gov.bc.ca (8.9.3/8.9.1) id GAA10333 for ; Thu, 17 Aug 2000 06:15:50 -0700 (PDT)
Received: from cwsys9.cwsent.com(10.2.2.1), claiming to be "cwsys.cwsent.com" via SMTP by passer9.cwsent.com, id smtpdn10331; Thu Aug 17 06:15:28 2000
Received: (from uucp@localhost) by cwsys.cwsent.com (8.11.0/8.9.1) id e7HDFSh12972 for ; Thu, 17 Aug 2000 06:15:28 -0700 (PDT)
Message-Id: <200008171315.e7HDFSh12972@cwsys.cwsent.com>
Received: from localhost.cwsent.com(127.0.0.1), claiming to be "cwsys" via SMTP by localhost.cwsent.com, id smtpdO12968; Thu Aug 17 06:15:06 2000
X-Mailer: exmh version 2.1.1 10/15/1999
Reply-To: Cy Schubert - ITSD Open Systems Group
From: Cy Schubert - ITSD Open Systems Group
X-OS: FreeBSD 4.1-RELEASE
X-Sender: cy
To: freebsd-security@freebsd.org
Subject: Group-writable executable in OpenLDAP (fwd)
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Thu, 17 Aug 2000 06:15:04 -0700
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Still catching up on email after 4 weeks of vacation and noticed this BUGTRAQ gem in my inbox. Our OpenLDAP port needs to be fixed to address this.
Regards,                          Phone:    (250)387-8437
Cy Schubert                       Fax:      (250)387-5766
Team Leader, Sun/DEC Team         Internet: Cy.Schubert@osg.gov.bc.ca
Open Systems Group, ITSD, ISTA
Province of BC

------- Forwarded Message

[headers deleted]
Message-ID:
Date: Wed, 26 Jul 2000 13:33:23 +0200
Reply-To: Christian Kleinewaechter
Sender: Bugtraq List
From: Christian Kleinewaechter
Subject: Group-writable executable in OpenLDAP
To: BUGTRAQ@SECURITYFOCUS.COM
Resent-To: cy
Resent-Date: Wed, 26 Jul 2000 13:11:54 -0700
Resent-From: Cy Schubert

OpenLDAP installs the ud binary in $binpath with mode 775 and default group (i.e. either your primary gid or the directory's gid). Of course the consequences depend on which group this actually is.

This was checked with 1.2.11 (latest stable), but probably also exists in earlier versions, since the Makefile.in is dated 1/14/1999. Developers have been notified and fixed this issue (at least in the CVS tree).

So either change the mode in line

    $(LTINSTALL) $(INSTALLFLAGS) -m 775 ud $(bindir)

to

    $(LTINSTALL) $(INSTALLFLAGS) -m 755 ud $(bindir)

in clients/ud/Makefile.in (or clients/ud/Makefile if you don't use autoconf) or chmod the executable afterwards (or maybe do nothing at all if "default group" is a trusted group).

---------------------------------------------------------------------------
Dr. Christian Kleinewaechter                    Universitaet Bielefeld
---------------------------------------------------------------------------
How many percent does a bit have?

------- End of Forwarded Message
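An added audit script for the class of problem in the forwarded message (it is not part of the original post, the port, or OpenLDAP): it lists executables under an install prefix whose mode grants write access to group or other, which is exactly what the 775 install mode produces, and with --fix it applies the chmod workaround the post suggests. The script name and the --fix flag are my own choices.

```sh
#!/bin/sh
# audit-execs.sh (hypothetical name): find installed executables that are
# group- or world-writable, the condition created by installing ud with -m 775.
# Added example; not from the original post or from OpenLDAP.

# Print every regular file under $1 that is executable by anyone and
# writable by group (020) or other (002). Octal -perm masks are used rather
# than symbolic ones so the same command works on FreeBSD and Linux find(1).
# Explicit parentheses are needed because find's implicit -a binds tighter
# than -o.
find_writable_execs() {
    find "$1" -type f \
        \( -perm -020 -o -perm -002 \) \
        \( -perm -100 -o -perm -010 -o -perm -001 \) \
        -print
}

# Strip the group and other write bits from every file the audit reports.
# This is the "chmod the executable afterwards" remedy from the post,
# applied to all offenders at once (775 -> 755, 777 -> 755).
fix_writable_execs() {
    find_writable_execs "$1" | while IFS= read -r f; do
        chmod go-w "$f"
    done
}

# Usage: sh audit-execs.sh /usr/local/bin [--fix]
# With no arguments the functions are only defined, so the file can be sourced.
if [ $# -gt 0 ]; then
    if [ "$2" = "--fix" ]; then
        fix_writable_execs "$1"
    else
        find_writable_execs "$1"
    fi
fi
```

Run it against the port's $PREFIX/bin after installing; an empty report means no installed executable can be modified by a group or by other users.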