Linux Today: Linux News On Internet Time.


Nov 10, 2001, 20:17 (0 Talkback[s])
(Other stories by Waldo Bastian)
From:   Waldo Bastian <bastian@kde.org>
Reply-To: kde@kde.org
To:     kde-announce@kde.org, kde@kde.org, kde-devel@kde.org
Cc:     kde@freebsd.org
Subject:        SECURITY: efax
Date:   09 Nov 2001 17:36:58 -0800      

The program "efax" which is distributed as part of the klprfax program in the 
kdeutils module poses a security risk when installed suid. "efax" has been 
part of KDE 2.2 and KDE 2.2.1 and is installed suid by default.

Scope: a local user can gain root privileges by exploiting a bug in "efax".

Solution: Remove the suid bit from the "efax" executable. This can be done 
with the following command:

         chmod -s `locate bin/efax`

"efax" will continue to work as before as long as users have sufficient rights 
to create lock files in the system lock directory (like /var/lock) and 
sufficient rights to open the modem device.

bastian@kde.org | SuSE Labs KDE Developer | bastian@suse.com