Date: Wed, 8 Dec 1999 06:10:03 -0800 (PST) From: Sheldon Hearn <sheldonh@uunet.co.za> To: freebsd-bugs@FreeBSD.org Subject: Re: misc/15351: Normal users can over write important system files via ftp. Message-ID: <199912081410.GAA83535@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR misc/15351; it has been noted by GNATS. From: Sheldon Hearn <sheldonh@uunet.co.za> To: greyleaf@home.net Cc: freebsd-gnats-submit@FreeBSD.ORG Subject: Re: misc/15351: Normal users can over write important system files via ftp. Date: Wed, 08 Dec 1999 16:03:49 +0200 On Tue, 07 Dec 1999 21:49:45 PST, greyleaf@home.net wrote: > It is possible, as a normal users, to use the ftp client to over write > system files with modes of 0664 and group wheel (such as log files in > /var/log). This is true for at least the stock ftp distributed with the > 3.2 release. I think you're mistaken. I think that users who are a part of group wheel can do this, and that's expected behaviour. Before you do your test as a "normal user", type id at the command prompt. Is this normal user part of group wheel? If so, everything's working as it should. :-) Ciao, Sheldon. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199912081410.GAA83535>