[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Excessive permissions for users in group wheel.

* Russell Coker <russell@coker.com.au> [101020 11:22]:
> > This would hurt systems where umask is 002 (or 007) by default (the root
> > group is the primary group of the root user with nobody else in it)
>
> find / -gid 0 -perm /20 \! -type l

I guess find / -gid 0 -perm /20 \! -type l \! -perm /2
reduces the number of false positives.

> The above find command will discover some of the cases where access to the 
> root group will give direct access to interesting things.  From a quick run on 
> a Squeeze system I noticed that with GID==0 you can apparently write directly 
> to all USB devices (/dev/bus/usb/*/* is writable).

Which package deserved the critical bug for this one?
Is it kernel or initscripts?

	Bernhard R. Link
Reply to: