Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 1 Aug 1996 14:25:03 +0800 (SST)
From:      Ng Pheng Siong <ngps@pacific.net.sg>
To:        freebsd-security@freebsd.org
Subject:   [linux-security] Test squad results on group rights denial (fwd)
Message-ID:  <Pine.GSO.3.94.960801142307.19619L-100000@darkwing.pacific.net.sg>
next in thread | raw e-mail | index | archive | help 

Got the following from linux-security. Just noted that FreeBSD (also Net and 
Open ;) aren't listed. 

Anyone know what this is?

---------- Forwarded message ----------
Date: Tue, 30 Jul 1996 09:27:53 +0200 (MET DST)
From: Rogier Wolff <R.E.Wolff@BitWizard.nl>
To: linux-security@tarsier.cv.nrao.edu
Subject: [linux-security] Test squad results on group rights denial


I've got several replies back from the test squad now.
The question was: Can we find OSes where you cannot get less rights than
"other" if you're in the group.....

The test squad so far has access to the following OSes:

Linux (Slackware 3.0) 2.0.9
Linux (Slackware 2.0 w/mods) 1.2.13
Linux (Slackware 2.3) 2.0.8
Linux (Slackware 3.0) 2.0.7
Linux (Slackware ??)  1.2.8    
Linux (Debian 1.1) 2.0.8  
Linux (RedHat 3.0.3) 2.0.0 
Linux (Redhat ??) ????
Linux (custom) 2.0.8       
Linux (???) 1.3.80, ext2fs 

AIX 2.3                    
BSDI 2.0                   
HPUX 9.05
HPUX 10.10
HPUX 10.01
Irix 5.3 			
Irix 6.2                   
OSF1 3.2                   
OSF1 3.2d                  
SunOS 4.1.3                
SunOS 4.1.4          
Solaris 2.3 (SunOS 5.3)
Solaris 2.4 (SunOS 5.4)    
Solaris 2.5 (SunOS 5.5)
VMS 5.5-1                  

On most OSes it seems that you are able to revoke rights by putting
someone in a group, and revoking group rights.  I got reports about
NOT being able to revoke "other" rights using the group bits for the
following OSes:

HPUX 10.01, Irix 5.3 and Linux 1.2.8.

I verified HPUX versions 9.05 and 10.10 myself, and WAS able to revoke
rights. Others have been able to do that for Linux and Irix. For Linux
it might be filesystem dependent. Ext2fs will handle this properly.

The test squad ran 30 tests, of which 3 turned out questionable.
The original report from Daniel Roedding (daniel@fiction.pb.owl.de) 
that it didn't work on an old dynix system still stands.

                                             Roger.

--
/* EMail: R.E.Wolff@BitWizard.nl   */ int main (int argc,char**argv){
/*   Tel: +31-15-2137459           */ if (*++argv&&!strcmp(*argv,"-advice")) 
/*   WWW: http://www.BitWizard.nl/ */   {printf("Don't Panic!\n");exit(42);}}

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.GSO.3.94.960801142307.19619L-100000>