Subject: bin/271: /etc/motd is world writable
To: None <gnats-admin>
From: Thorsten Lockert <tholo@SigmaSoft.COM>
List: netbsd-bugs
Date: 05/30/1994 03:05:03
>Number: 271
>Category: bin
>Synopsis: /etc/rc.local makes /etc/motd world writable
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: gnats-admin (Utility Bug People)
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Mon May 30 03:05:02 1994
>Originator: Thorsten Lockert
>Organization:
SigmaSoft, Th. Lockert
>Release:
>Environment:
System: NetBSD gandalf.bbb.no 0.9B GANDALF#3 i386
>Description:
After updating the system name/version in /etc/motd, rc.local
proceeds to make it world writable.
>How-To-Repeat:
Boot your system.
>Fix:
*** src/etc/rc.local.orig Thu May 12 12:15:12 1994
--- src/etc/rc.local Mon May 30 11:46:43 1994
***************
*** 11,17 ****
echo "" >> $T
sed '1,/^$/d' < /etc/motd >> $T
cp $T /etc/motd
! chmod 666 /etc/motd
rm -f $T
echo -n 'starting local daemons:'
--- 11,17 ----
echo "" >> $T
sed '1,/^$/d' < /etc/motd >> $T
cp $T /etc/motd
! chmod 644 /etc/motd
rm -f $T
echo -n 'starting local daemons:'
>Audit-Trail:
>Unformatted:
------------------------------------------------------------------------------