Linux Today: Linux News On Internet Time.

More on LinuxToday

Security Linux News for Aug 14, 2000

  • Conectiva Linux security announcemente - PERL (2000-08-14 00:32:37)
    "sperl, shipped with the perl package, is a SUID root program that, under certain conditions, uses /bin/mail to send out a warning. This is done in an insecure manner and can be exploited to obtain root privileges."

  • Red Hat Security Advisory: Updated usermode packages. (2000-08-14 00:22:25)
    "While being able to halt, poweroff, and reboot is a desirable thing, an unprivileged user can also bring the system to single-user mode by running "shutdown now" with no additional flags. This update removes the "shutdown" command from the list of commands unprivileged users can run."

  • Conectiva Linux security announcement - usermode (2000-08-14 00:14:47)
    "The shutdown command is one of those privileged commands, and console users can issue this command to switch to runlevel 1, thus obtaining root privileges."