misc/111528: 777 of port
ming
poming168 at hotmail.com
Fri Apr 13 06:00:12 UTC 2007
>Number: 111528
>Category: misc
>Synopsis: 777 of port
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Fri Apr 13 06:00:10 GMT 2007
>Closed-Date:
>Last-Modified:
>Originator: ming
>Release: 5.1 6.2
>Organization:
>Environment:
FreeBSD web6.isupport.com.hk 6.2-RELEASE FreeBSD 6.2-RELEASE #4: Thu Jan 25 14:28:00 HKT 2007 root at web6.isupport.com.hk:/usr/obj/usr/src/sys/NETFINITY6-SMP-64 amd64
>Description:
# ls -ald /usr/ports/converters/libiconv/work/libiconv-1.9.2/src
drwxrwxrwx 3 root wheel 512 Mar 13 20:51 /usr/ports/converters/libiconv/work/libiconv-1.9.2/src
which allow any user to put file into this directory, and then run any application inside it.
>How-To-Repeat:
>Fix:
chmod 755 /usr/ports/converters/libiconv/work/libiconv-1.9.2/src
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list