Package: base Severity: critical Tags: security Justification: root security hole
made a file write protected. See this:
katzes:/etc# ls -al resolv.conf
-r--r--r-- 1 root root 51 2007-05-21 11:39 resolv.conf
It has this content:
GNU nano 2.0.2 Datei: resolv.conf
nameserver 194.97.173.125
nameserver 192.168.1.254
Then I changed the content:
GNU nano 2.0.2 Datei: resolv.conf
nameserver 194.97.173.125
nameserver 192.168.1.254
#comment
[ 3 Zeilen
geschrieben ]
("3 Zeilen
geschrieben"
means "3 lines
written")
The file was
changed allthough
it is still read
only:
katzes:/etc# ls
-al resolv.conf
-r--r--r-- 1 root
root 60
2007-05-21 11:42
resolv.conf
This is bad. A
write protected
file should not
be writable,
under no
circumstances!
:quit
_:quit
:quit
-- System Information:
Debian Release: 4.0
APT prefers stable
APT policy: (500, 'stable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.8-3-k7
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15)
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
