Gentoo Archives: gentoo-security

From:	Greg Watson <greg.watson@×××××××××××××.us>
To:	gentoo-security@l.g.o
Cc:	Robert Ullrich <roul76@×××.de>
Subject:	Re: [gentoo-security] SOLUTION: Prevent users to login directly
Date:	Wed, 28 Jul 2004 20:25:22
Message-Id:	`41080B6E.3050801@dmva.state.co.us`
In Reply to:	Re: [gentoo-security] SOLUTION: Prevent users to login directly by Robert Ullrich

1	-----BEGIN PGP SIGNED MESSAGE-----
2	Hash: SHA1
3
4	Robert Ullrich wrote:
5
6	\| Not if it's chown'ed root:portage and chmod'ed 440
7	\|
8	\|
9
10	Wrong, if a user has +w mode to a directory they can forcefully remove a
11	file. Try it
12
13	$ cd
14	$ touch -m 440 testme
15	$ sudo chown root:root testme
16	$ rm testme
17
18	Game over. :)
19
20	- --
21	Greg Watson
22	Security and Technology Manager
23	-----BEGIN PGP SIGNATURE-----
24	Version: GnuPG v1.2.4 (GNU/Linux)
25	Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
26
27	iD8DBQFBCAtuij88q5/ZVdIRAogeAJ4rUkorbNitrfUjq1PKQBvFuRD0PACeOTy5
28	OIHxbbIAhwqR7uMxCKrSYA8=
29	=oY8i
30	-----END PGP SIGNATURE-----
31
32	--
33	gentoo-security@g.o mailing list

Subject	Author
Re: [gentoo-security] SOLUTION: Prevent users to login directly	Piotr Kalinowski <pitkali@××.pl>