Re: SECURITY PROBLEM: autofs [all versions]

To: Herbert Xu <herbert@gondor.apana.org.au>
Cc: Josip Rodin <joy@cibalia.gkvk.hr>, debian-devel@lists.debian.org
Subject: Re: SECURITY PROBLEM: autofs [all versions]
From: "Christopher W. Curtis" <ccurtis@aet-usa.com>
Date: Fri, 07 Jul 2000 00:07:01 -0400
Message-id: <[🔎] 39655765.96B979@aet-usa.com>
References: <[🔎] 200007062357.e66NvR000322@gondor.apana.org.au>

Herbert Xu wrote:
> 
> Josip Rodin <joy@cibalia.gkvk.hr> wrote:
> >> No, everyone else has been trying to tell me that
> >>
> >> ~# chmod -x /sbin/portmap
> >> ~# /etc/init.d/portmap restart
> >> Stopping portmap daemon: portmap.
> >> Starting portmap daemon: portmapstart-stop-daemon: Unable to start
> >> /sbin/portmap: Permission denied
> >> .
> >>
> >> is either "right"
> 
> > It's not wrong as in that it would warrant a bug report with a severity
> > higher than wishlist.
> 
> It's not wrong at all.  In fact, doing a -x will only mislead people into
> believing chmod -x actually works as a way of disabling something, which it
> doesn't.

Then there should be no test at all because a -f would lead people to
believe that removing (or renaming) the file is the correct way to
disable something, which it isn't any more than chmod -x as it suffers
the same problem.

Christopher

Reply to:

Follow-Ups:
- Re: SECURITY PROBLEM: autofs [all versions]
  - From: Herbert Xu <herbert@gondor.apana.org.au>
- Re: SECURITY PROBLEM: autofs [all versions]
  - From: Adam Heath <adam@doogie.org>

References:
- Re: SECURITY PROBLEM: autofs [all versions]
  - From: Herbert Xu <herbert@gondor.apana.org.au>

Prev by Date: Re: Broken mime handling in netscape
Next by Date: Re: SECURITY PROBLEM: autofs [all versions]
Previous by thread: Re: SECURITY PROBLEM: autofs [all versions]
Next by thread: Re: SECURITY PROBLEM: autofs [all versions]
Index(es):
- Date
- Thread