Re: SECURITY PROBLEM: autofs [all versions]
Herbert Xu wrote:
>
> Josip Rodin <joy@cibalia.gkvk.hr> wrote:
> >> No, everyone else has been trying to tell me that
> >>
> >> ~# chmod -x /sbin/portmap
> >> ~# /etc/init.d/portmap restart
> >> Stopping portmap daemon: portmap.
> >> Starting portmap daemon: portmapstart-stop-daemon: Unable to start
> >> /sbin/portmap: Permission denied
> >> .
> >>
> >> is either "right"
>
> > It's not wrong as in that it would warrant a bug report with a severity
> > higher than wishlist.
>
> It's not wrong at all. In fact, doing a -x will only mislead people into
> believing chmod -x actually works as a way of disabling something, which it
> doesn't.
Then there should be no test at all because a -f would lead people to
believe that removing (or renaming) the file is the correct way to
disable something, which it isn't any more than chmod -x as it suffers
the same problem.
Christopher
Reply to: