Subject: Re: New thing...
To: Mason Loring Bliss <>
From: Michael K. Sanders <>
List: tech-security
Date: 03/29/1999 13:33:49
In message <>, Mason Loring Bliss w
>This just came across a company list. I haven't checked it for applicability
>to us, and I haven't seen a "formal" warning as yet, but here it is anyway:

This was first pointed out on BugTraq by someone who made it sound
like a NetBSD-specific problem... a fix was committed and posted to
BugTraq shortly thereafter.

>Vulnerability in XFree86
>   scoop - March 28th 1999, 23:15 EST
>   A new vulnerability has been found in XFree86. XFree86 creates a
>   directory in /tmp with the name .X11-unix for the X sockets and sets
>   the directory to mode 1777. If an attacker creates a symlink with that
>   filename and points it to another directory (e.g. /root), the permissions
>   of the target directory are set to 1777, thus a local attacker may create
>   files with any contents in any directory. The original SuSe security is
>   available at the Bugtraq archive. Updated packages for SuSe Linux are
>   available on the SuSe FTP Server.
>Mason Loring Bliss             ((  "In the drowsy dark cave of the mind dreams
>  ))  build  their nest  with fragments  dropped
> ((   from day's caravan." - Rabindranath Tagore
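
An added example, not part of the original message and not the fix that was committed: the mkdir-then-chmod pattern the advisory describes, next to a variant that refuses to follow a symlink and changes the mode through an opened descriptor. The function names, the constructed scratch directory under /tmp, and the use of geteuid() as the expected owner are assumptions for illustration.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Pattern from the advisory: chmod() follows a symlink sitting at path. */
static int make_dir_vulnerable(const char *path) {
    mkdir(path, 01777);          /* EEXIST if a symlink is already there */
    return chmod(path, 01777);   /* still re-modes whatever the link targets */
}

/* Hardened: never follow a symlink; verify, then chmod via the open fd. */
static int make_dir_hardened(const char *path) {
    struct stat st;
    if (mkdir(path, 0700) != 0 && errno != EEXIST) return -1;
    int fd = open(path, O_RDONLY | O_DIRECTORY | O_NOFOLLOW);
    if (fd < 0) return -1;       /* fails (ELOOP or ENOTDIR) on a symlink */
    if (fstat(fd, &st) != 0 || !S_ISDIR(st.st_mode) ||
        st.st_uid != geteuid() || fchmod(fd, 01777) != 0) {
        close(fd);
        return -1;
    }
    return close(fd);
}

/* Constructed scenario: base/victim (mode 0700) plus a symlink
   base/.X11-unix -> victim. Returns victim's mode bits afterwards, or -1. */
int victim_mode_after(int hardened) {
    char base[] = "/tmp/x11demo.XXXXXX", victim[64], lnk[64];
    struct stat st;
    if (!mkdtemp(base)) return -1;
    snprintf(victim, sizeof victim, "%s/victim", base);
    snprintf(lnk, sizeof lnk, "%s/.X11-unix", base);
    if (mkdir(victim, 0700) != 0 || chmod(victim, 0700) != 0 ||
        symlink(victim, lnk) != 0) return -1;
    if (hardened) make_dir_hardened(lnk); else make_dir_vulnerable(lnk);
    int rc = stat(victim, &st);
    unlink(lnk); rmdir(victim); rmdir(base);   /* clean up scratch files */
    return rc == 0 ? (int)(st.st_mode & 07777) : -1;
}

int main(void) {
    printf("vulnerable: %o\n", victim_mode_after(0));
    printf("hardened:   %o\n", victim_mode_after(1));
    return 0;
}
```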