[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Fwd: RAZOR advisory: Linux util-linux chfn local root vulnerability

On Monday 29 July 2002 12:39 pm, Wichert Akkerman wrote:
> Previously Albert Cervera Areny wrote:
> > I suppose this vulnerability affects also debian. I've already changed
> > the setuid bit in chfn and chsh though it is supposed to be difficult to
> > exploit.
> Debian doesn't use chfn & friends from util-linux.

when you say 'doesn't use,' do you perhaps mean 'never invokes'? because:

# find / -name chfn

and i'm damn sure i didn't put it there all by myself.


To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to: