[plug] Possible (???) security hole in Debian 2.0
David Campbell
campbell at torque.net
Fri Sep 4 07:29:08 WST 1998
I don't know if this is a problem that has been reported or not but....
I just found that all the scripts in /etc/init.d/ had rwxr-xr-x permisions. This
means that anyone logged in could start/stop daemons on the machine. I
personally do not find this a good idea.
Could other people running Debian 2.0 please check their /etc/init.d/
directory and let me know if it is a problem with only my machine or it affects
others.
Appologies if this has been noted before but I don't remember seeing
anything on this mailing list before.
David Campbell (paranoid)
=======================================================
campbell at torque.net
"There is no such thing as a bug in the Linux 2.1.x kernels
Consider it as a request from the enlightened for you to brush
up on your C programming and help improve the kernel."
More information about the plug
mailing list