[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: mkdir() and group id

From: Oystein Viggen
Subject: Re: mkdir() and group id
Date: Sat, 27 Apr 2002 22:00:49 +0200
User-agent: Gnus/5.090005 (Oort Gnus v0.05) XEmacs/21.1 (Capitol Reef, i386-debian-linux)

* [Thomas Bushnell, BSG] 

> Yes, group 0 is the wheel group.  HOW DOES THIS CAUSE A SECURITY
> ISSUE?  Please be specific and not vague.

Combined with umask 002 (suggested by yourself), this gives members of
the wheel group write access to all files created in /tmp by default, as
these files will be writable for group root.  This is bad, as I don't
believe being a member of the wheel group should give access to mess
with other peoples files without actually typing in su and the root

(This is based on the assumption that the only function of the wheel
group is to say who gets to su to root.  We have adm and staff for the
other stuff.)

This doesn't really become a security issue until a wheeled account is
stolen, but then again, there are generally more interesting things to
do if you can get at the account of someone who regurlarly types in the
root password.

Changing wheel to another group than 0, or changing the group of /tmp to
a group with no members (such as a new "tmp" group) are probably the two
simplest ways to clean this up.

Hope I'm making a bit more sense this time around.

When in doubt: Think again.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]