Re: SECURITY PROBLEM: autofs [all versions]

To: Herbert Xu <herbert@gondor.apana.org.au>
Cc: debian-devel@lists.debian.org
Subject: Re: SECURITY PROBLEM: autofs [all versions]
From: "Christopher W. Curtis" <ccurtis@aet-usa.com>
Date: Fri, 07 Jul 2000 12:06:19 -0400
Message-id: <[🔎] 3965FFFB.A49FC50C@aet-usa.com>
References: <[🔎] 200007062357.e66NvR000322@gondor.apana.org.au> <[🔎] 39655765.96B979@aet-usa.com> <[🔎] 20000707144430.A30615@gondor.apana.org.au>

Herbert Xu wrote:
> 
> On Fri, Jul 07, 2000 at 12:07:01AM -0400, Christopher W. Curtis wrote:
> >
> > Then there should be no test at all because a -f would lead people to
> > believe that removing (or renaming) the file is the correct way to
> > disable something, which it isn't any more than chmod -x as it suffers
> > the same problem.
> 
> Huh? The -f test is there so that the script doesn't screw you up when the
> package is removed but not purged.

All I'm saying is that a test -x gives you the exact same ability, plus
the added benefit of being more 'correct' (making the bold assumption
here that 'if[is_executable]then execute' is more correct than
'if[is_file]then execute').  Besides, the SA probably has bigger things
to deal with than 'was it removed and not purged?' when netbase has been
removed.

Christopher

Reply to:

References:
- Re: SECURITY PROBLEM: autofs [all versions]
  - From: Herbert Xu <herbert@gondor.apana.org.au>
- Re: SECURITY PROBLEM: autofs [all versions]
  - From: "Christopher W. Curtis" <ccurtis@aet-usa.com>
- Re: SECURITY PROBLEM: autofs [all versions]
  - From: Herbert Xu <herbert@gondor.apana.org.au>

Prev by Date: Re: portmap (was Re: SECURITY PROBLEM: autofs [all versions])
Next by Date: Re: SECURITY PROBLEM: autofs [all versions]
Previous by thread: Re: SECURITY PROBLEM: autofs [all versions]
Next by thread: Re: SECURITY PROBLEM: autofs [all versions]
Index(es):
- Date
- Thread