[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: WP8 Security bug



PLP>> If the files in /tmp are 666 ANYONE can delete and replace them with a

Wrong. /tmp has +t bit (on every normal instalation), which prevents you
from deleting other user's files. You can write it, but not delete it.
Also, you can't move it to another name.

PLP>> start xwp, stop xwp with kill -9, find a tmp file frmo it,
PLP>> delete it, and link it to said /etc/secure_file. Then, restart

You will have rights to delete it only if you are user of the file or
root. Is xwp installed suid root??? If so, one who did that should be
fired (or set on fire? ;)
-- 
frodo@sharat.co.il	\/  There shall be counsels taken
Stanislav Malyshev	/\  Stronger than Morgul-spells
phone +972-2-6245112	/\  		JRRT LotR.
http://sharat.co.il/frodo/	whois:!SM8333