[ advisories | exploits | discussions | news | conventions | security tools | texts & papers ]
 main menu
- feedback
- advertising
- privacy
- FightAIDS
- newsletter
- news
- read forum
- new topic
- search

- meetings list
- recent additions
- add your info
 top 100 sites
- visit top sites
- sign up now
- members

- add your url
- add domain
- search box
- link to us

- our projects
- free email
 m4d network
- security software
- secureroot
- m4d.com
Home : Advisories : IRIX 5.2, 6.0, 6.0.1 Desktop Permissions Tool

Title: IRIX 5.2, 6.0, 6.0.1 Desktop Permissions Tool
Released by: SGI
Date: 3rd March 1995
Printable version: Click here
                Silicon Graphics Inc. Security Advisory

        Title: IRIX 5.2, 6.0, 6.0.1 Desktop Permissions Tool

                Number:         19950301-01-P373

                Date:           March 3, 1995


Silicon Graphics provides this information freely to the SGI community

for its consideration, interpretation and implementation.   Silicon Graphics

recommends that this information be acted upon as soon as possible.

Silicon Graphics will not be liable for any consequential damages arising

from the use of, or failure to use or use properly, any of the instructions

or information in this Security Advisory.


A vulnerability has been discovered in the IRIX 5.2, 6.0, and 6.0.1 operating

systems regarding the permissions tool under the IRIX desktop environment.

Normally, this tool is used by users to modify the permissions on their files

and files they are privileged for.  Under certain conditions, a user may be

able to modify the permissions for any file.  This is identified as SGI

SCR # 265071.

SGI Engineering has investigated this issue and recommends the following

steps for neutralizing the exposure.  It is HIGHLY RECOMMENDED that these

measures be done on ALL SGI systems running IRIX 5.2, 6.0, and 6.0.1 .

This issue is corrected in 5.3 of IRIX and will be corrected in future

releases of IRIX.

- - --------------------------

- - --- Immediate Solution ---

- - --------------------------

The most immediate solution for this issue is to remove the setuid/setgid

bits on /usr/lib/permissions, or to remove the tool entirely.  Removing the

setuid/setgid bits will limit the tool to only function on files owned by

the user using the tool.

        1) Become the root user on the system.

                % /bin/su -



        2) Change the unix permissions level on the desktop

        permissions program.

                # chmod u-s /usr/lib/desktop/permissions

                # chmod g-s /usr/lib/desktop/permissions

        3) Return to previous user.

                # exit


- - --------------------------

- - --- Long Term Solution ---

- - --------------------------

*** IRIX 5.0.x, 5.1.x ****

The versions 5.0.x and 5.1.x of IRIX were limited hardware, specific

releases and have since been obsoleted by later versions of IRIX.  For

supportability reasons, upgrading to at least IRIX 5.2 is recommended

as a first step for all problem resolution.   IRIX 5.0.x, 5.1.x ARE

NOT subject to this vulnerability.

**** IRIX 5.2, 6.0, 6.0.1 ****


For the IRIX operating system versions 5.2, 6.0 and 6.0.1, an inst-able

patch has been generated and made available via anonymous ftp and/or your

service/support provider.  The patch is number 373 and will install on

IRIX 5.2, 6.0 and 6.0.1 .

- - -NOTE- Inst-able patches require a patch-aware inst program.  The stock

5.2 inst program with the base install is not patch-aware.  The 6.0

and 6.0.1 inst programs are.  A patch-aware inst program for IRIX 5.2 is

available as patch number 0, 34, or 84.  Any one of these may be used, with

84 the latest, most recommended, and available via your service provider

or the usual SGI anonymous ftp sites.

The SGI anonymous ftp site is ftp.sgi.com (  Additionally,

the alternative SGI anonymous ftp site, sgigate.sgi.com,  can be accessed

to find the same files.  On each of these servers, patch 373 can be found

in the following directories:






                        ##### Checksums ####

The actual patch will be a tar file containing the following files:

Filename:                 patchSG0000373

Algorithm #1 (sum -r):    51249 1 patchSG0000373

Algorithm #2 (sum):       21641 1 patchSG0000373

MD5 checksum:             40A604013A05C2521152ED4B51C5D9A5

Filename:                 patchSG0000373.desktop_eoe_sw

Algorithm #1 (sum -r):    09134 88 patchSG0000373.desktop_eoe_sw

Algorithm #2 (sum):       63013 88 patchSG0000373.desktop_eoe_sw

MD5 checksum:             D74F9BDED3D51E9D28666CADF1B31945

Filename:                 patchSG0000373.idb

Algorithm #1 (sum -r):    50435 1 patchSG0000373.idb

Algorithm #2 (sum):       41363 1 patchSG0000373.idb

MD5 checksum:             790E9A47909BC32D8E9FCE14EA4077D8

- - ------------------------------------

- - --- Further Information/Contacts ---

- - ------------------------------------

For obtaining security information, patches or assistance, please

contact your SGI support provider.

If there are questions about this document, email can be sent to

cse-security-alert@csd.sgi.com .

For reporting *NEW* SGI security issues, email can be sent to

security-alert@sgi.com .

(C) 1999-2000 All rights reserved.