Casinos Not On Gamstop Non Gamstop Casinos Casinos Not On Gamstop Online Casinos UK Non Gamstop Casino
26th Sep 2002 [SBWID-5391]
COMMAND
	rc uses file globbing in insecure directories
SYSTEMS AFFECTED
	 FreeBSD 4.4-RELEASE
	 FreeBSD 4.5-RELEASE
	 FreeBSD 4-STABLE prior to the correction date
PROBLEM
	lumpy <[email protected]> found a  bug  regarding  rc,  the  system
	startup script  (/etc/rc),  as  related  in  FreeBSD  Security  Advisory
	FreeBSD-SA-02:27.rc:
	rc is the system startup script (/etc/rc). It is run  when  the  FreeBSD
	is booted multi-user, and performs a multitude of  tasks  to  bring  the
	system up. One of these  tasks  is  to  remove  lock  files  left  by  X
	Windows, as their existence could prevent  one  from  restarting  the  X
	Windows server.
	 Problem Description
	 ===================
	When removing X Windows lock files, rc uses the rm(1) command and  shell
	globbing:
	
	   rm -f /tmp/.X*-lock /tmp/.X11-unix/*
	
	Since  /tmp  is  a  world-writable  directory,   a   user   may   create
	/tmp/.X11-unix as a symbolic link to an arbitrary  directory.  The  next
	time that rc is run (i.e. the next time the system is booted),  rc  will
	then remove all of the files in that directory.
	 Impact
	 ======
	Users  may  remove  the  contents  of  arbitrary  directories   if   the
	/tmp/.X11-unix directory does not already exist and the  system  can  be
	enticed  to  reboot  (or  the  user  can  wait  until  the  next  system
	maintenance window).
SOLUTION
	 Workaround
	 ===========
	Find and remove or comment-out the following line in /etc/rc:
	
	   rm -f /tmp/.X*-lock /tmp/.X11-unix/*
	
	The following command executed as root will do this:
	
	   /bin/sh -c 'echo -e "/.X11-unix/s/^/#/\nw\nq\n" | /bin/ed -s /etc/rc'
	
	 Solution
	 ========
	1) Upgrade your vulnerable system to 4.5-STABLE; or  to  either  of  the
	RELENG_4_5 (4.5-RELEASE-p6)  or  RELENG_4_4  (4.4-RELEASE-p13)  security
	branches dated after the respective correction dates.
	2) To patch your present system:
	a) Download the relevant patch from the location below, and  verify  the
	detached PGP signature using your PGP utility.
	
	# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:27/rc.patch
	# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:27/rc.patch.asc
	
	b) Execute the following commands as root:
	
	# cd /usr/src
	# patch < /path/to/patch
	
	c) Install the new rc script:
	
	# cd /usr/src/etc
	# install -c -o root -g wheel -m 644 rc /etc/rc
Internet highlights

Casino Not On Gamstop