 HylaFAX The world's
most advanced open source fax server
|
[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]
Re: help! can't faxalter or faxrm! permission denied!
- To: kyle.silfer@alibi.com (kyle.silfer)
- Subject: Re: flexfax: help! can't faxalter or faxrm! permission denied!
- From: David Woolley <david@djwhome.demon.co.uk>
- Cc: andrew.croke@awamarine.com.au, flexfax@sgi.com
- Reply-To: flexfax@sgi.com
- Date: Thu, 24 Jun 1999 09:00:13 +0100 (BST)
> > > I have found that the process is actually owned by bin. I have been > > working around it by If you have a process, as against a program, owned by bin, you have a security problem. faxalter itself is not setuser, so should run as whoever starts it. Generally things are owned by bin if they should not be writeable, and in some cases readable, to anyone except root; it allows a careful sysadmin to manage them without running as root all the time. They can be a risk in NFS systems, as bin doesn't have the special protection given to root. Any process running as bin has the ability, if subverted, to access all the non-privileged programs in the system, including many that may subsequently be run as root. Either the startup script is being run unsafely, or something that is supposed to be set-user root has been made set-user bin, or set-user has been inappropriately set on something that doesn't need it.
- Follow-Ups:
- Re: help! can't faxalter or faxrm! permission denied!
- From: Andrew CROKE <andrew.croke@awamarine.com.au>
- Re: help! can't faxalter or faxrm! permission denied!
- References:
- RE: help! can't faxalter or faxrm! permission denied!
- From: "kyle.silfer" <kyle.silfer@alibi.com>
- RE: help! can't faxalter or faxrm! permission denied!
- Prev by Date: Re: Message clarification
- Next by Date: Deployment of Hylafax NT client
- Prev by thread: RE: help! can't faxalter or faxrm! permission denied!
- Next by thread: Re: help! can't faxalter or faxrm! permission denied!
- Index(es):
Project hosted by iFAX Solutions