From: Green, Simon (SGreen@KRAFTEUROPE.COM)
Date: Wed Aug 28 2002 - 12:03:23 EDT
I must confess that's not something I'd ever considered.
Many scripts would just go and re-direct output to $FILE1, assuming it would
be created or safely overwritten. Since many scripts are readable by all
users, it would be relatively simple for any person with malicious intent to
find out exactly what to call the links.
One easy way around it would be to remove the file before trying to write to
it. If it's not there, no harm done. I don't think I'm going to go through
and change every script on our systems, but I might well start doing this in
any new or modified scripts.
I agree that people in the company should be trusted, (or else why are they
employed at all?) But the biggest source of malicious activity is
disgruntled employees, so we need to bear that in mind.
I usually take the approach of trusting everybody, but minimising their
opportunities to betray that trust.
Simon Green
Philip Morris ITSC Europe
AIX-L Archive at http://marc.theaimsgroup.com/?l=aix-l&r=1&w=2
AIX FAQ at http://www.faqs.org/faqs/aix-faq/
N.B. Unsolicited email from vendors will seldom be appreciated.
> -----Original Message-----
> From: Holger.VanKoll@SWISSCOM.COM [mailto:Holger.VanKoll@SWISSCOM.COM]
> Sent: 28 August 2002 15:27
> To: aix-l@Princeton.EDU
> Subject: Re: On replacing a hdisk
>
>
> > FILE1=/tmp/mvhdisk.$$
>
> Something like this is often found in scripts (including older ones
> written by me).
>
> A user could create links with a small script
>
> /tmp/mvhdisk.0 -> /etc/passwd
> ...
> /tmp/mvhdisk.max$$ -> /etc/passwd
>
> or any other file he likes to overwrite as root.
>
> Not a big deal as you normally have trusted users within a company.
>
> Anyway something one should know.
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 22:16:10 EDT