[dranch at trinnet.net: [yh] Linux 2.4.6 has a semi-serious umask bug..]

Scot Mc Pherson behomet at home.com
Thu Jul 19 21:47:34 PDT 2001


Hehe,
    Nope not me. But I know all of you onr irc already know that ;)
2.2.19 rules

Scot Mc Pherson
~Linux is a journey, not a guided tour~

Beady's First Law of Social Harmonics:
"Never let the engineers write the instructions."





----- Original Message -----
From: Jesse Tie Ten Quee <highos at highos.com>
To: <lfs-security at linuxfromscratch.org>
Sent: Thursday, July 19, 2001 10:33 PM
Subject: [dranch at trinnet.net: [yh] Linux 2.4.6 has a semi-serious umask
bug..]


> Yo,
>
> I don't run 2.4 on any production machine..but i know some of you do,
> problably ;)
>
> ----- Forwarded message from "David A. Ranch" <dranch at trinnet.net> -----
>
> From: "David A. Ranch" <dranch at trinnet.net>
> Subject: [yh] Linux 2.4.6 has a semi-serious umask bug..
> Date: Thu, 19 Jul 2001 19:28:05 -0700
> To: "Sys Admins": ;
>
> *** {01.29.005} Linux - Linux 2.4.x kernel doesn't set UMASK
>
> A vulnerability was found in the 2.4.x Linux kernels that causes
> the kernel to not properly set the UMASK. This could result in the
> creation of certain files with world-writable permissions.
> This vulnerability has been confirmed and will be fixed in the
> 2.4.7 kernel.
> Source: SecurityFocus Bugtraq
> http://archives.neohapsis.com/archives/bugtraq/2001-07/0257.html
>
.---------------------------------------------------------------------------
-.
> |  David A. Ranch - Linux/Networking/PC hardware
dranch at trinnet.net  |
>
      ----!
> `----- For more detailed info, see
http://www.ecst.csuchico.edu/~dranch -----'
>
> _______
> Yashy-Hack                                      http://yashy.com/list/
> to unsubscribe:   echo unsubscribe | mail yashy-hack-request at yashy.com
>
>
> ----- End forwarded message -----
>
> --
> Jesse Tie Ten Quee - highos at highos dot com
> --
> Unsubscribe: send email to lfs-security-request at linuxfromscratch.org
> and put unsubscribe in the subject header of the message
>
>

-- 
Unsubscribe: send email to lfs-security-request at linuxfromscratch.org
and put unsubscribe in the subject header of the message



More information about the lfs-security mailing list