as a newby (and a root on a hd installed- Knoppix) What's the sollution to prevent this???
http://www.securitytracker.com/alert...l/1007142.html
KNOPPIX CD Default Configuration May Let Local Users Grab Root Privileges
SecurityTracker Alert ID: 1007142
CVE Reference: GENERIC-MAP-NOMATCH (Links to External Site)
Date: Jul 9 2003
Impact: Modification of system information, Modification of user information, Root access via local system
Exploit Included: Yes
Description: A vulnerability was reported in the default configuration of the KNOPPIX CD. A local user can obtain root privileges.
It is reported that the "knx-hdinstall" default configuration creates unsafe temporary files in the '/tmp/.qt/' directory: 'qt_plugins_3.0rc', and 'qt_plugins_3.0rc.lock'. A local user can create a symbolic link (symlink) from a critical file on the system to one of these temporary files. Then, when a target user logs in, the symlinked file will be overwritten with the privileges of the target user, potentially including the root user.
Impact: A local user can cause a target user to overwrite a file on the system with the privileges of the target user. This can be exploited by a local user to potentially obtain root privileges.
Solution: No solution was available at the time of this entry.
Vendor URL: www.knoppix.org/ (Links to External Site)
Cause: Access control error, State error
Reported By: Hugo "Vazquez" "Carames" <overclocking_a_la_abuela@hotmail.com>
Message History: None.
as a newby (and a root on a hd installed- Knoppix) What's the sollution to prevent this???
I installed with an older build of 3.2 and have no such directory.
The solution is to reboot your pc... all user created files in /tmp will be deleted, even on a hard drive install.
This is (IMHO) a very LOW risk (but one I want to be aware of regardless). Here's why I would consider this low risk: you need local (hands on) access to install or use knoppix from a cd anyways! When you have physical access, and boot from a knoppix cd, root access is readily available. After you do a hard drive install and reboot, the system security is only going to be as good as your setup guarding against know vulnerabilities.
My two cents, and worth every penny.
~paul
NEW Sealed Cisco SFP-10G-LR 10GBASE-LR SFP+ 1310nm 10km *US Shipping*
$18.00
New Cisco GLC-TE 1G SFP Copper RJ45 100m 1000BASE-T Transceiver Module
$19.99
Lot (10) Dell 0N8TDR 850nm SFP-10G-SR-85C 10Gbs sfp+ FTLX8574D3BNL-FC N8TDR NEW
$68.00
New Sealed Cisco SFP-10G-LR 10GBASE-LR SFP Plug-in Transceiver Module
$15.00
NEW FS SFP-10G-T 10GBASE T SFP+ 30M Transceiver Module (Lot of 1 Unit)
$39.95
🔥🔥🔥SFP-10G-SR V03 Original CISCO 10-2415-03 850nm 10GB SFP+ Multi Module🔥🔥
$6.80
GENUINE Cisco SFP-10G-SR V03 SFP+ GBIC Transceiver Module 10-2415-03
$6.80
For Cisco SFP-10G-T, Ubiquiti UF-RJ45-10G Transceiver, SFP+ to RJ45 10GBase-T
$47.49
Finisar Accessory FTLF1318P3BTL 1.25Gb/s SFP Transceiver RoHS Compliant 1310nm
$31.01
NEW Sealed Cisco GLC-TE SFP Copper RJ45 100m 1000BASE-T Transceiver*US Shipping*
$20.00