Copy Link
Add to Bookmark
Report
CIAC B-26
_____________________________________________________
The Computer Incident Advisory Capability
___ __ __ _ ___
/ | / \ /
\___ __|__ /___\ \___
_____________________________________________________
Information Bulletin
May 16, 1991, 1330 PST Number B-26
Inconsistent Directory and File Permissions in SunOS 4.1 and 4.1.1
________________________________________________________________________
PROBLEM: SunOS versions 4.1 and 4.1.1 have several inconsistent file
and directory permissions.
PLATFORM: Sun computer architectures sun3, sun3x, sun4, and sun4c that
run SunOS 4.1 or SunOS 4.1.1.
DAMAGE: May allow unauthorized or unintended user access to files.
SOLUTIONS: Patch/update available from Sun via Patch-ID# 100103-06 or
through anonymous ftp from uunet.uu.net or from CIAC
IMPACT OF PATCH: File and directory permissions set to intended
permissions. No other side-effects reported.
________________________________________________________________________
Critical Information about Inconsistent Directory and File Permissions
CIAC has discovered inconsistent directory and file permissions on
Sun Microsystems computers that run the SunOS 4.1 and 4.1.1 operating
systems. A patch is available from Sun Microsystems as the updated Patch
ID# 100103-06 (this number is required to order this patch from the
Sun Answer Center). Sun Microsystems, Inc. states that this patch is
applicable to Sun architectures sun3, sun3x, sun4, and sun4c. This patch
is also available via anonymous ftp at uunet.uu.net (IP address 192.48.96.2)
in the file sun-dist/100103-06.tar.Z or from CIAC.
If you need assistance in obtaining this patch by anonymous ftp or
extracting compressed files, please use the instructions in the
appendix of this bulletin. For additional information or assistance,
please contact CIAC:
Kenneth L. Pon
(415) 422-1783 or (FTS) 532-1783
pon@cheetah.llnl.gov
or
Hal Brand
(415) 422-0039 or (FTS) 532-0039
brand@addvax.llnl.gov
During working hours call CIAC at (415) 422-8193 or (FTS)
532-8193 or send e-mail to ciac@llnl.gov.
Send FAX messages to: (415) 423-0913 or (FTS) 543-0913.
_________________________________________________________________________
Appendix
Instructions for Obtaining Patch using ftp anonymous and
Extracting Compressed Files
The string "%" is the default UNIX csh(1) prompt; the string "ftp>" is
the ftp(1C) prompt. In the procedure described below, the text
displayed after these prompts on the same line as the prompts is what
you must enter. Text displayed on any line without a prompt is what
the system replies in response. System dialogue is indented to
distinguish it from surrounding comments.
First log into your system and find a place (e.g., a writeable
directory) to put the patch. In this example, a directory is made for
the patch. Note that you do not need to login as root to obtain the
patch. However, you need to be root to apply the patch.
% mkdir newpatch
% cd newpatch
Next ftp to uunet.uu.net. Login as "anonymous" and enter your identity
(in the following example, "pon") as your password. Your password will
not be echoed. Then use the following procedure to obtain 100103-06.tar.Z.
% ftp uunet.uu.net
Connected to uunet.uu.net.
220 uunet FTP server (Version 5.100 Mon Feb 11 17:13:28 EST 1991) ready.
Name (uunet.uu.net:pon): anonymous
331 Guest login ok, send ident as password.
Password:
230 Guest login ok, access restrictions apply.
ftp> cd sun-dist
250 CWD command successful.
ftp> ls
200 PORT command successful.
150 Opening ASCII mode data connection for file list.
100100-01.tar.Z
100108-01.tar.Z
100125-04.tar.Z
100133-01.tar.Z
100184-02.tar.Z
100187-01.tar.Z
100188-01.tar.Z
100201-02.tar.Z
100224-02.tar.Z
100251-01.tar.Z
100103-06.tar.Z
README.sendmail
226 Transfer complete.
204 bytes received in 0.033 seconds (6 Kbytes/s)
ftp> binary
200 Type set to I.
ftp> get 100103-06.tar.Z
200 PORT command successful.
150 Opening BINARY mode data connection for 100103-06.tar.Z (3830 bytes).
226 Transfer complete.
local: 100103-06.tar.Z remote: 100103-06.tar.Z
3830 bytes received in 0.0039 seconds (9.7e+02 Kbytes/s)
ftp> quit
221 Goodbye.
%
Now extract the usable files from the compressed (evident by the "Z"
suffice), tar (tape archive) file that you just ftp'ed.
% uncompress 100103-06.tar.Z
This will uncompress 100103-06.tar.Z into 100103-06.tar. To see what files
are archived on the 100103-06.tar file, use the following command:
% tar tvf 100103-06.tar
rw-r--r-- 0/0 8106 May 14 10:23 1991 4.1secure.sh
rw-r--r-- 0/0 692 May 9 10:30 1991 README
Now extract the two files from tar format:
% tar xvf 100103-06.tar
x 4.1secure.sh, 8106 bytes, 16 tape blocks
x README, 692 bytes, 2 tape blocks
The README file contains instructions for applying the patch. Note that
the patch needs to be applied by user root.
__________________________________________________________________________
Brad Powell provided some of the information used in this bulletin. This
document was prepared as an account of work sponsored by an agency of
the United States Government. Neither the United States Government nor
the University of California nor any of their employees, makes any
warranty, express or implied, or assumes any legal liability or
responsibility for the accuracy, completeness, or usefulness of any
information, apparatus, product, or process disclosed, or represents
that its use would not infringe privately owned rights. Reference
herein to any specific commercial products, process, or service by
trade name, trademark, manufacturer, or otherwise, does not necessarily
constitute or imply its endorsement, recommendation or favoring by the
United States Government or the University of California. The views and
opinions of authors expressed herein do not necessarily state or
reflect those of the United States Government or the University of
California, and shall not be used for advertising or product
endorsement purposes.
