As-is the /bin/ping permissions in LFS is not exploitable. You have to go out
of your way to make it so, and the same could be said about countless other
configurations. Changing the permission on /bin/ping wouldn't have any affect
on the security of the vanilla system, and only serves a "what i
Robert Connolly wrote:
> I don't know how many of you feel comfortable with an suid-root program being
> group writtable. I suggest we add:
>
> sed 's/4775/4755/' -i ping/Makefile.in
>
> to the LFS book.
Did I mention that the ping in inetutils sucks? There is a much better
on in the iputils p
On 8/26/06, Thomas Reitelbach <[EMAIL PROTECTED]> wrote:
Hello,
the german translation of LFS 6.2 is now available at the usual ressource:
http://oss.erdfunkstelle.de/lfs-de/
I'm sorry for the delay of 3 weeks, i've been busy with other important
things.
Done. Thanks.
http://www.linuxfromsc
Vladimir A. Pavlov wrote:
> On Monday 28 August 2006 03:24, Robert Connolly wrote:
>> sed 's/4775/4755/' -i ping/Makefile.in
>
> First, I think the shown way is a hack a little. It's better to do the
> following after installation:
>
> chmod 4711 /bin/ping
>
> Second, shouldn't it be 4711 rathe
Vladimir A. Pavlov wrote:
> On Monday 28 August 2006 03:24, Robert Connolly wrote:
>> sed 's/4775/4755/' -i ping/Makefile.in
>
> First, I think the shown way is a hack a little. It's better to do the
> following after installation:
>
> chmod 4711 /bin/ping
>
> Second, shouldn't it be 4711 rathe
On 8/28/06, Randy McMurchy <[EMAIL PROTECTED]> wrote:
Dan Nicholson wrote these words on 08/28/06 08:52 CST:
> I have to agree with Robert on this one. If something is known to
> install with weak permissions, I think we should change them instead
> of writing it off as bad packaging. The fix is
Dan Nicholson wrote these words on 08/28/06 08:52 CST:
> I have to agree with Robert on this one. If something is known to
> install with weak permissions, I think we should change them instead
> of writing it off as bad packaging. The fix is simple enough.
The argument is not the permissions of
On Monday 28 August 2006 03:24, Robert Connolly wrote:
> sed 's/4775/4755/' -i ping/Makefile.in
First, I think the shown way is a hack a little. It's better to do the
following after installation:
chmod 4711 /bin/ping
Second, shouldn't it be 4711 rather than 4755? The read-by-others access
to
On 8/27/06, Bruce Dubbs <[EMAIL PROTECTED]> wrote:
Robert Connolly wrote:
>
> I agree that only trusted users should be in group root, but being in someones
> group should not allow escalation to taking over the account. It undermines
> the purpose of having groups.
We are saying that it's not
