Date:      Tue,  7 Dec 1999 21:49:45 -0800 (PST)
From:      greyleaf@home.net
To:        freebsd-gnats-submit@freebsd.org
Subject:   misc/15351: Normal users can over write important system files via ftp.
Message-ID:  <19991208054945.D7ED514BD4@hub.freebsd.org>


>Number:         15351
>Category:       misc
>Synopsis:       Normal users can over write important system files via ftp.
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Dec  7 21:50:01 PST 1999
>Closed-Date:
>Last-Modified:
>Originator:     Jim Cole
>Release:        3.2
>Organization:
>Environment:
FreeBSD loki.yggdrasill.net 3.2-RELEASE FreeBSD 3.2-RELEASE #0: Sun Sep 12 13:45:31 MDT 1999     root@loki.yggdrasill.net:/usr/src/sys/compile/LOKI_1  i386
>Description:
It is possible, as a normal user, to use the ftp client to overwrite
system files with modes of 0664 and group wheel (such as log files in
/var/log). This is true for at least the stock ftp distributed with the
3.2 release.
>How-To-Repeat:
As a normal user, ftp to another UNIX machine that includes, say,
/var/log/messages. Do a bin and then a get /var/log/messages. At the
end of the download, there will be a message stating that the
modification time of the file couldn't be changed; however, the old
file is overwritten. In all cases the ftp was initiated from the
user's home directory.
>Fix:


>Release-Note:
>Audit-Trail:
>Unformatted:
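
An audit for the file condition named in the report (group-writable files, such as mode 0664, owned by a given group), added here as an example and not part of the original submission. The function names are hypothetical; `/var/log` and `wheel` in the usage comment are taken from the report, and reading group membership from `/etc/group` is an assumption about the local account setup.

```shell
#!/bin/sh
# Added example (not from the original report). Function names are hypothetical.

# group_writable_files DIR GROUP
#   Print, sorted, every regular file under DIR that belongs to GROUP and
#   has the group-write bit set (mode 0664 matches, mode 0644 does not).
#   Any member of GROUP can open these files for writing.
group_writable_files() {
    gwf_dir=$1
    gwf_grp=$2
    # -perm -020 matches when at least the group-write bit is set.
    find "$gwf_dir" -type f -group "$gwf_grp" -perm -020 -print 2>/dev/null | sort
}

# group_members GROUP
#   Print the comma-separated member list recorded for GROUP in /etc/group
#   (assumption: local accounts; users whose primary group is GROUP are
#   not listed there and must be checked in the password database).
group_members() {
    awk -F: -v g="$1" '$1 == g { print $4 }' /etc/group
}

# Usage, with the directory and group the report mentions:
#   group_writable_files /var/log wheel
#   group_members wheel
```

Files the first function lists are writable by every account the second one prints, so each listed file is worth either tightening to 0644 or confirming that the group's membership is intended.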

