[plug] Possible (???) security hole in Debian 2.0

David Campbell campbell at torque.net
Fri Sep 4 07:29:08 WST 1998

I don't know if this is a problem that has been reported or not but....

I just found that all the scripts in /etc/init.d/ had rwxr-xr-x permisions. This 
means that anyone logged in could start/stop daemons on the machine. I 
personally do not find this a good idea.

Could other people running Debian 2.0 please check their /etc/init.d/ 
directory and let me know if it is a problem with only my machine or it affects 

Appologies if this has been noted before but I don't remember seeing 
anything on this mailing list before.

David Campbell (paranoid)

campbell at torque.net

"There is no such thing as a bug in the Linux 2.1.x kernels
Consider it as a request from the enlightened for you to brush
up on your C programming and help improve the kernel."

More information about the plug mailing list