Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Security issues with universal access of file
Homework and Emergencies Homework & Coursework Questions Security issues with universal access of file Post 302526912 by linux17 on Thursday 2nd of June 2011 12:33:31 AM
Old 06-02-2011
Security issues with universal access of file
Use and complete the template provided. The entire template must be completed. If you don't, your post may be deleted!

1. The problem statement, all variables and given/known data:


If you look at the permissions associated with a symbolic link, it has universal access. Does this lead to security issues? Why?



VI editor chapter



i created a file with the vi filename and use umask 022 umask066 to check the permission of the file.
Last edited by linux17; 06-02-2011 at 05:01 PM..
 

7 More Discussions You Might Find Interesting

1. Cybersecurity

NFS security issues with lockd and statd

We are trying to implement a NAS solution with UNIX servers and multiple networks, and I've heard that NFS has security issues with lockd and statd. The security issue as it was explained to me is that these services are subject to vulnerabilities/exploits, and that users who connect to Unix... (1 Reply)
Discussion started by: onceagain
1 Replies

2. Solaris

Security of root access

Hi, The security auditor give a this statement , what to do ? On my solaris system (S10) "The User ID "root" should not be used on the system - the su and the priviledged account should be used from each administrator for accountability purposes" What to do ? (3 Replies)
Discussion started by: falcon16
3 Replies

3. SuSE

"scp" access denied:/etc/security/access.conf

Guys i have 2 SUSE Linux Enterprise Server 10 SP1 (i586) boxes.if i take a look into /etc/security/access.conf ,i see following lines at the eof # All other users should be denied to get access from all sources. #- : ALL : ALL - : myID : ALL now earlier i had written scripts where files... (1 Reply)
Discussion started by: ak835
1 Replies

4. UNIX for Advanced & Expert Users

Flagged Drives Create Access Privilege Issues

Upon trying to open up permissions between 2 accounts in Snow Leopard I caused the os to crash - restarting/turning off then on did nothing - the os would no longer load. I took it into Apple where they got the os back up and running with a slight twist. The secondary drive was flagged (a little... (0 Replies)
Discussion started by: Alexander4444
0 Replies

5. UNIX for Dummies Questions & Answers

"Universal" sar option to check for paging issues?

Hi, Can anyone please advise a universal command option for using sar to check for paging/memory issues. For Linux, I used sar -B and check on the majflt/s column and a high number is supposed to indicate paging issues, is that correct? Unfortunately, on a Solaris server, sar -B does not... (1 Reply)
Discussion started by: newbie_01
1 Replies

6. UNIX for Advanced & Expert Users

Cron security issues?

Does the use of cron (HP-UX 11) present a security risk IF it is only given to accounts which have shell access anyway. If it does present a risk, what is the risk? Can a script (or command) run via cron; run anything, write anywhere or read anywhere that the same user can not do outside of... (2 Replies)
Discussion started by: eileenkeeney
2 Replies

7. UNIX for Beginners Questions & Answers

Find command with Ignore Access issues

Hi, I am using following command to find a specific file. find . -name "find*.txt" -type f -print I am issuing that command at root directory since I don't know in which sub folder that file is getting created from some other process. As I am not having access to all directories, my... (3 Replies)
Discussion started by: RameshCh
3 Replies

LEARN ABOUT REDHAT

mkstemp

MKSTEMP(3)						     Linux Programmer's Manual							MKSTEMP(3)

NAME

       mkstemp - create a unique temporary file

SYNOPSIS

       #include <stdlib.h>

       int mkstemp(char *template);

DESCRIPTION

       The  mkstemp() function generates a unique temporary file name from template.  The last six characters of template must be XXXXXX and these
       are replaced with a string that makes the filename unique. The file is then created with mode read/write and permissions 0666 (glibc  2.0.6
       and earlier), 0600 (glibc 2.0.7 and later).  Since it will be modified, template must not be a string constant, but should be declared as a
       character array.  The file is opened with the O_EXCL flag, guaranteeing that when mkstemp returns successfully we are the only user.

RETURN VALUE

       The mkstemp() function returns the file descriptor fd of the temporary file or -1 on error.

ERRORS

       EINVAL The last six characters of template were not XXXXXX.  Now template is unchanged.

       EEXIST Could not create a unique temporary filename.  Now the contents of template are undefined.

NOTES

       The old behaviour (creating a file with mode 0666) may be a security risk, especially since other Unix  flavours  use  0600,  and  somebody
       might overlook this detail when porting programs.

       More generally, the POSIX specification does not say anything about file modes, so the application should make sure its umask is set appro-
       priately before calling mkstemp.

CONFORMING TO

       BSD 4.3, POSIX 1003.1-2001

NOTE

       The prototype is in <unistd.h> for libc4, libc5, glibc1; glibc2 follows the Single Unix Specification and has the prototype in <stdlib.h>.

SEE ALSO

       mkdtemp(3), mktemp(3), tmpnam(3), tempnam(3), tmpfile(3)

GNU
								    2001-12-23								MKSTEMP(3)
All times are GMT -4. The time now is 08:45 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy