From owner-freebsd-security  Wed Jun  9  4:15:16 1999
Delivered-To: freebsd-security@freebsd.org
Received: from axl.noc.iafrica.com (axl.noc.iafrica.com [196.31.1.175])
	by hub.freebsd.org (Postfix) with ESMTP id EF11815401
	for <freebsd-security@freebsd.org>; Wed,  9 Jun 1999 04:15:07 -0700 (PDT)
	(envelope-from sheldonh@axl.noc.iafrica.com)
Received: from sheldonh (helo=axl.noc.iafrica.com)
	by axl.noc.iafrica.com with local-esmtp (Exim 3.02 #1)
	id 10rgJj-000EoA-00; Wed, 09 Jun 1999 13:14:47 +0200
From: Sheldon Hearn <sheldonh@uunet.co.za>
To: jj@cybernex.net.au
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: setuid diff 
In-reply-to: Your message of "Wed, 09 Jun 1999 20:42:37 +1000."
             <199906091040.UAA28635@cybernex.net.au> 
Date: Wed, 09 Jun 1999 13:14:47 +0200
Message-ID: <56925.928926887@axl.noc.iafrica.com>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org



On Wed, 09 Jun 1999 20:42:37 +1000, "Jacob Rhoden" wrote:

> shells.dominoid.dhs.org setuid diffs:
> 4c4
> < -r-x--s--x  1 jj    jj       15111 Jun  7 00:48:43 1999
> /home/jj/afip/afip.log                                         

Anyone can execute afip.log (assuming it's a runnable binary). The
process created will have the runner's UID, but with the effective GID
of group jj.

Looks like a mistake or a user offering other users on your box a
service in what he thinks is a sneaky way.

Ciao,
Sheldon.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message