FYI: cvs under redhat possible security concern...
Eric Warnke
eric at dt06q2n53.nycap.rr.com
Thu Oct 15 05:02:38 GMT 1998
I was just doing a security audit of my redhat system when something
unusual caught my eye. When I cvs checkout samba all the files are
created world writable, and since these files are later run by root, it
would not be difficult for a malisious user to slip in a trojan horse
into the source. Mabye this is just a simple cvs quiestion or a rehdat
peculariaty, but this could affect alot of sites.
Any ideas on how to fix this, and I'm not talking chmod -R o-rw *
Eric Warnke
Sys Admin, ResNet
University at Albany, NY
eric at snowmoon.com / ericw at albany.edu
More information about the samba-ntdom
mailing list