On Sun, Feb 13, 2005 at 06:31:09PM -0500, Rehm wrote: > Package: kernel > Severity: critical > Justification: root security hole > > Extremely insecure. Apparently after having been able to do mounting > on a diskimage disk1.img (sued to root under lightweight wm in X- xterm box) > on a directory called ./1, > drwxr-xr-x 2 root root 4096 2005-02-13 18:22 1 > $ > ->as a normal user, (and my groups command shows no respect of being > member of root), I am able to delete directory 1, or shouldn't I? Either > I'm very dumb, or something is terribly wrong..Any other further details I > can provide and test- I wouldn't > mind..Thanks for the feedback..
a) do you actually have something mounted on that directory at the time? b) strace of rmdir, please -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
