Gentoo Archives: gentoo-dev

From: "Paweł Madej" <linux@××××××××.info>
To: gentoo-dev@l.g.o
Subject: Re: [gentoo-dev] /sbin /usr/sbin security hole
Date: Tue, 17 Jan 2006 15:25:51
Message-Id: 43CCF7BE.5090004@quanteam.info
In Reply to: Re: [gentoo-dev] /sbin /usr/sbin security hole by Frank Groeneveld
Frank Groeneveld wrote:
> Hi,
>
> You probably have /sbin/shutdown set suid, because on all my Gentoo
> boxes, normal users can't run it, only root can run it. (Permission
> denied). What is the output of ls -al /sbin/?
>
> Greets,
> Frank
>
nysander@eleanor ~ $ ls -al /sbin/
razem 6680
drwxr-xr-x 2 root root 4096 sty 13 18:17 .
drwxr-xr-x 18 root root 4096 sty 12 11:20 ..
-rwxr-xr-x 1 root root 14892 gru 21 21:25 agetty
-rwxr-xr-x 1 root root 47780 wrz 16 06:28 arp
-rwxr-xr-x 1 root root 11456 wrz 16 05:53 arping
-rwxr-xr-x 1 root root 8092 gru 27 00:33 ata_id
-rwxr-xr-x 1 root root 18516 gru 21 21:23 badblocks
-rwxr-xr-x 1 root root 8336 gru 21 21:23 blkid
-rwxr-xr-x 1 root root 9212 gru 21 21:25 blockdev
-rwxr-xr-x 1 root root 11932 lis 29 16:39 bootlogd
-rwxr-xr-x 1 root root 7552 gru 27 00:33 cdrom_id
-rwxr-xr-x 1 root root 53068 gru 21 21:25 cfdisk
-rwxr-xr-x 1 root root 3416 sty 13 18:17 consoletype
-rwxr-xr-x 1 root root 4832 gru 27 00:33 create_floppy_devices
-rwxr-xr-x 1 root root 4100 gru 21 21:25 ctrlaltdel
-rwx------ 1 root root 89 gru 18 23:08 d2lod_mounter
-rwxr-xr-x 1 root root 65220 gru 21 21:23 debugfs
-rwxr-xr-x 1 root root 36900 gru 29 01:46 depmod
-rwxr-xr-x 1 root root 86500 gru 29 01:46 depmod.old
-rwxr-xr-x 1 root root 2077 sty 13 18:17 depscan.sh
-rwxr-xr-x 1 root root 43712 lis 28 23:44 dhcpcd
-rwxr-xr-x 1 root root 10332 gru 21 21:23 dumpe2fs
-rwxr-xr-x 1 root root 140700 gru 21 21:23 e2fsck
-rwxr-xr-x 1 root root 12400 gru 21 21:23 e2image
lrwxrwxrwx 1 root root 7 gru 21 21:23 e2label -> tune2fs
-rwxr-xr-x 1 root root 6096 gru 21 21:25 elvtune
-rwxr-xr-x 1 root root 692 sty 13 18:17 env-update.sh
-rwxr-xr-x 1 root root 82500 gru 21 21:25 fdisk
-rwxr-xr-x 1 root root 6884 gru 21 21:23 filefrag
lrwxrwxrwx 1 root root 7 gru 21 21:23 findfs -> tune2fs
-rwxr-xr-x 1 root root 9560 gru 27 00:33 firmware_helper
-rwxr-xr-x 1 root root 1712 sty 4 11:01 fix_libtool_files.sh
-rwxr-xr-x 1 root root 18752 gru 21 21:23 fsck
-rwxr-xr-x 1 root root 10904 gru 21 21:25 fsck.cramfs
lrwxrwxrwx 1 root root 6 gru 21 21:23 fsck.ext2 -> e2fsck
lrwxrwxrwx 1 root root 6 gru 21 21:23 fsck.ext3 -> e2fsck
-rwxr-xr-x 1 root root 22556 gru 21 21:25 fsck.minix
-rwxr-xr-x 1 root root 18858 sty 13 18:17 functions.sh
-rwxr-xr-x 1 root root 9116 gru 29 01:46 generate-modprobe.conf
-rwxr-xr-x 1 root root 34108 gru 29 01:46 genksyms
-rwxr-xr-x 1 root root 135552 lis 29 17:43 grub
-rwxr-xr-x 1 root root 12912 lis 29 17:43 grub-install
-rwxr-xr-x 1 root root 2304 lis 29 17:43 grub-md5-crypt
-rwxr-xr-x 1 root root 2533 lis 29 17:43 grub-set-default
-rwxr-xr-x 1 root root 2473 lis 29 17:43 grub-terminfo
-rwxr-xr-x 1 root root 10984 lis 29 16:39 halt
-rwxr-xr-x 1 root root 56176 gru 31 08:42 hdparm
-rwxr-xr-x 1 root root 1160 wrz 16 06:58 hotplug
-rwxr-xr-x 1 root root 29588 gru 21 21:25 hwclock
-rwxr-xr-x 1 root root 807 gru 31 08:42 idectl
-rwxr-xr-x 1 root root 61332 wrz 16 06:28 ifconfig
-rwxr-xr-x 1 root root 35688 lis 29 16:39 init
-rwxr-xr-x 1 root root 6836 gru 29 01:46 insmod
-rwxr-xr-x 1 root root 359 gru 29 01:46 insmod_ksymoops_clean
-rwxr-xr-x 1 root root 132680 gru 29 01:46 insmod.old
-rwxr-xr-x 1 root root 472336 gru 29 01:46 insmod.static
-rwxr-xr-x 1 root root 667968 gru 29 01:46 insmod.static.old
-rwxr-xr-x 1 root root 1512 lis 29 11:14 installkernel
-rwxr-xr-x 1 root root 12068 wrz 16 06:28 ipmaddr
-rwxr-xr-x 1 root root 16288 wrz 16 06:28 iptunnel
lrwxrwxrwx 1 root root 10 gru 29 01:46 kallsyms -> insmod.old
lrwxrwxrwx 1 root root 17 gru 29 01:46 kallsyms.static -> insmod.static.old
-rw-r--r-- 1 root root 0 gru 12 12:28 .keep
-rwxr-xr-x 1 root root 451 gru 29 01:46 kernelversion
-rwxr-xr-x 1 root root 10700 lis 29 16:39 killall5
lrwxrwxrwx 1 root root 10 gru 29 01:46 ksyms -> insmod.old
lrwxrwxrwx 1 root root 17 gru 29 01:46 ksyms.static -> insmod.static.old
-rwxr-xr-x 1 root root 598704 sty 4 12:27 ldconfig
-rwxr-xr-x 1 root root 6412 gru 21 21:23 logsave
-rwxr-xr-x 1 root root 45000 gru 21 21:25 losetup
lrwxrwxrwx 1 root root 12 gru 29 01:46 lsmod -> ../bin/lsmod
lrwxrwxrwx 1 root root 10 gru 29 01:46 lsmod.old -> insmod.old
lrwxrwxrwx 1 root root 13 gru 29 01:46 lsmod.static -> insmod.static
-rwxr-xr-x 1 root root 51166 sty 13 18:17 MAKEDEV
-rwxr-xr-x 1 root root 12516 wrz 16 06:28 mii-tool
-rwxr-xr-x 1 root root 31768 gru 21 21:23 mke2fs
-rwxr-xr-x 1 root root 5368 gru 21 21:25 mkfs
-rwxr-xr-x 1 root root 8584 gru 21 21:25 mkfs.bfs
-rwxr-xr-x 1 root root 15700 gru 21 21:25 mkfs.cramfs
lrwxrwxrwx 1 root root 6 gru 21 21:23 mkfs.ext2 -> mke2fs
lrwxrwxrwx 1 root root 6 gru 21 21:23 mkfs.ext3 -> mke2fs
-rwxr-xr-x 1 root root 15516 gru 21 21:25 mkfs.minix
-rwxr-xr-x 1 root root 12480 gru 21 21:25 mkswap
-rwxr-xr-x 1 root root 11020 gru 29 01:46 modinfo
-rwxr-xr-x 1 root root 57492 gru 29 01:46 modinfo.old
-rwxr-xr-x 1 root root 24052 gru 29 01:46 modprobe
lrwxrwxrwx 1 root root 10 gru 29 01:46 modprobe.old -> insmod.old
lrwxrwxrwx 1 root root 13 gru 29 01:46 modprobe.static -> insmod.static
-rwxr-xr-x 1 root root 7651 sty 13 18:17 modules-update
-rwxr-xr-x 1 root root 8820 wrz 16 06:28 nameif
-rwxr-xr-x 1 root root 9241 gru 27 00:33 path_id
-rwxr-xr-x 1 root root 3416 gru 21 21:25 pivot_root
-rwxr-xr-x 1 root root 5372 wrz 16 06:28 plipconfig
-rwxr-xr-x 1 root root 13280 wrz 17 22:40 portmap
lrwxrwxrwx 1 root root 4 lis 29 16:39 poweroff -> halt
-rwxr-xr-x 1 root root 25848 wrz 16 06:28 rarp
-rwxr-xr-x 1 root root 22634 sty 13 18:17 rc
-rwxr-xr-x 1 root root 3376 sty 13 18:17 rc-update
lrwxrwxrwx 1 root root 4 lis 29 16:39 reboot -> halt
-rwxr-xr-x 1 root root 25524 gru 21 21:23 resize2fs
-rwxr-xr-x 1 root root 9052 gru 29 01:46 rmmod
lrwxrwxrwx 1 root root 10 gru 29 01:46 rmmod.old -> insmod.old
lrwxrwxrwx 1 root root 13 gru 29 01:46 rmmod.static -> insmod.static
-rwxr-xr-x 1 root root 48892 wrz 16 06:28 route
-rwxr-xr-x 1 root root 3600 lis 29 16:39 runlevel
-rwxr-xr-x 1 root root 18804 sty 13 18:17 runscript
-rwxr-xr-x 1 root root 17666 sty 13 18:17 runscript.sh
-rwxr-xr-x 1 root root 27456 gru 27 00:33 scsi_id
-rwxr-xr-x 1 root root 52716 gru 21 21:25 sfdisk
-rwxr-xr-x 1 root root 19424 lis 29 16:39 shutdown
-rwxr-xr-x 1 root root 30100 wrz 16 06:28 slattach
-rwxr-xr-x 1 root root 476108 sty 4 12:27 sln
-rwxr-xr-x 1 root root 18880 sty 13 18:17 start-stop-daemon
-rwxr-xr-x 1 root root 10344 lis 29 16:39 sulogin
-rwxr-xr-x 1 root root 1498452 gru 29 01:43 suspend2ui_fbsplash
-rwxr-xr-x 1 root root 490080 gru 29 01:43 suspend2ui_text
lrwxrwxrwx 1 root root 6 gru 21 21:25 swapoff -> swapon
-rwxr-xr-x 1 root root 26340 gru 21 21:25 swapon
-r-xr-xr-x 1 root root 9476 gru 28 00:40 sysctl
lrwxrwxrwx 1 root root 4 lis 29 16:39 telinit -> init
-rwxr-xr-x 1 root root 22768 gru 21 21:23 tune2fs
-rwxr-xr-x 1 root root 48680 gru 27 00:33 udev
-rwxr-xr-x 1 root root 10432 gru 27 00:33 udevcontrol
-rwxr-xr-x 1 root root 55720 gru 27 00:33 udevd
-rwxr-xr-x 1 root root 7820 gru 27 00:33 udev_run_devd
-rwxr-xr-x 1 root root 7692 gru 27 00:33 udev_run_hotplugd
-rwxr-xr-x 1 root root 19292 gru 27 00:33 udevsend
-rwxr-xr-x 1 root root 48680 gru 27 00:33 udevstart
lrwxrwxrwx 1 root root 14 sty 13 18:17 update-modules -> modules-update
-rwxr-xr-x 1 root root 21500 gru 27 00:33 usb_id
-rwxr-xr-x 1 root root 22044 gru 27 00:33 vol_id


--
Paweł Madej aka Nysander
Member of QuanTeam | RLU #357047
http://wiki.quanteam.info | Gentoo Linux User
http://forum-farmaceutyczne.org | GPG key: 5861680B
| keyserver: http://pgp.mit.edu
Kielce, Poland | UTF-8 Email Preferred

Looking to buy: 6x 73 GB UW3/Ultra160 SCSI 80 pin (SCA)
..::||::.. pair of PentiumIII Slot1 1GHz/ FSB 100 processors
..::||::.. 2x 256 MB SDRAM ECC Registered
Got any of this? Mail me, with price and shipping costs.