
[Tiger-user] Warning about an inetd entry


From: Bob Hall
Subject: [Tiger-user] Warning about an inetd entry
Date: Tue, 5 Nov 2002 10:13:49 -0800 (PST)

Hi,

I wanted to ask a question concerning a particular warning
issued by TIGER. This warning comes from the module that
checks the inetd entries from /etc/inetd.conf. The warning
is of the form:

 --WARN-- [inet008] inetd entry for XXXXX uses `YYYYY'
 which contains `ZZZZZ' which is not owned by root (owned by WWW).

for the service name XXXXX, program YYYYY, directory ZZZZZ
(owned by user WWW) and user WWW. (This is for a COTS product,
installed per the vendor's instructions.)

Now the inetd.conf entry in question has a user ID of WWW.
YYYYY is a root-owned symbolic link to a binary file that
is setuid WWW. So could somebody explain to me why this is
a potential security vulnerability? Isn't the service being
run as real and effective UID WWW, so it has fewer privileges
than if it were run by root?

Thank you.

--
  Bob
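
An added example, not part of the original message and not Tiger's own code: one way to reproduce the kind of ownership check behind an inet008-style warning. It walks every directory above each inetd program, including the target of a symlink, and reports those not owned by root, since a directory's owner can replace the entries inside it. The sample inetd.conf, the `cotsd` service, the `vendor` user and all paths are constructed.

```python
import os
from pathlib import PurePosixPath

# Constructed sample; the service names, users and paths are hypothetical.
SAMPLE_INETD_CONF = """\
# service type   proto wait   user   program              args
ftp       stream tcp   nowait root   /usr/sbin/in.ftpd    in.ftpd
cotsd     stream tcp   nowait vendor /usr/local/bin/cotsd cotsd -i
echo      stream tcp   nowait root   internal
"""

def parse_inetd(text):
    """Yield (service, user, program) for each external inetd.conf entry."""
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 6 and fields[5] != "internal":
            yield fields[0], fields[4], fields[5]

def parent_dirs(path):
    """Directories above path, from / down to its immediate parent."""
    return [str(d) for d in list(PurePosixPath(path).parents)[::-1]]

def audit(conf_text, owner_of=lambda p: os.stat(p).st_uid,
          resolve=os.path.realpath, trusted_uids=(0,)):
    """Map service -> sorted [(directory, uid)] not owned by a trusted uid.

    Both the path as written and its symlink-resolved target are walked,
    so a root-owned link pointing into a vendor-owned tree is still reported.
    """
    report = {}
    for service, _user, program in parse_inetd(conf_text):
        dirs = set(parent_dirs(program)) | set(parent_dirs(resolve(program)))
        findings = []
        for d in sorted(dirs):
            try:
                uid = owner_of(d)
            except OSError:
                continue  # directory missing on this host; ownership unknown
            if uid not in trusted_uids:
                findings.append((d, uid))
        if findings:
            report[service] = findings
    return report

if __name__ == "__main__":
    for svc, items in audit(SAMPLE_INETD_CONF).items():
        for d, uid in items:
            print(f"{svc}: directory {d} is owned by uid {uid}, not root")
```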




