[ advisories | exploits | discussions | news | conventions | security tools | texts & papers ]
 main menu
- feedback
- advertising
- privacy
- FightAIDS
- newsletter
- news
- read forum
- new topic
- search

- meetings list
- recent additions
- add your info
 top 100 sites
- visit top sites
- sign up now
- members

- add your url
- add domain
- search box
- link to us

- our projects
- free email
 m4d network
- security software
- secureroot
- m4d.com
Home : Advisories : Group-writable executable in OpenLDAP

Title: Group-writable executable in OpenLDAP
Released by: Dr. Christian Kleinewaechter
Date: 26th October 2000
Printable version: Click here
OpenLDAP installs the ud binary in $binpath with mode 775 and default

group (i.e. either you primary gid or the directories gid). Of course the

consequences depend on which group this actually is. This was checked with

1.2.11 (latest stable), but probably also exists in earlier versions,

since the Makefile.in is dated 1/14/1999. Developers have been notified

and fixed this issue (at least in the CVS tree). So either change the mode

in line

  $(LTINSTALL) $(INSTALLFLAGS) -m 775 ud $(bindir)


  $(LTINSTALL) $(INSTALLFLAGS) -m 755 ud $(bindir)

in clients/ud/Makefile.in (resp. clients/ud/Makefile if you don't use

autoconf) or chmod the executable afterwards (or maybe do nothing at all

if "default group" is a trusted group).


 Dr. Christian Kleinewaechter

 Universitaet Bielefeld


                    Wieviel Prozent hat ein Bit?

(C) 1999-2000 All rights reserved.