niXforums Forum Index
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   PreferencesPreferences   Log in to check your private messagesLog in to check your private messages   Log inLog in 
·  nixdoc.net ·  man pages ·  Linux HOWTOs ·  FreeBSD Tips ·  Forums
navigation Forum index » *nix » SGI/IRIX » admin
If you admin IRIX 6.5.21 to 6.5.27...
Post new topic   Reply to topic Page 2 of 2 [17 Posts] View previous topic :: View next topic
Goto page:  Previous  1, 2
Author Message
J.A. Gutierrez
*nix forums beginner


Joined: 25 Mar 2003
Posts: 25

PostPosted: Tue Apr 26, 2005 12:42 pm    Post subject: Re: If you admin IRIX 6.5.21 to 6.5.27... Reply with quote
R. Lynn Rardin <rardin@orion.rose.brandeis.edu> wrote:

: Is removing the suid root bit the only impact of applying
: patchSG0005869? That seems to be what you're implying. If

It seems is not.
In that case, I guess you will lose the remote monitorization
feature (since it uses rsh protocol).

Anyway, patchSG0005869 includes only a /usr/sbin/gr_osview
executable, which still is setuid root, but which gives
"Permission denied" if you try the known exploit.

: that's the case, why didn't SGI see fit to release the patch
: for 6.5.22?

Get the patch, extract the file, and replace the old one.
It works (at least on 6.5.22f running on IP22).


--
PGP and other useless info at \
http://webdiis.unizar.es/~spd/ \
finger://daphne.cps.unizar.es/spd \ Timeo Danaos et dona ferentes
ftp://ivo.cps.unizar.es/pub/ \ (Virgilio)
Back to top
J.A. Gutierrez
*nix forums beginner


Joined: 25 Mar 2003
Posts: 25

PostPosted: Thu Apr 28, 2005 9:30 am    Post subject: Re: If you admin IRIX 6.5.21 to 6.5.27... Reply with quote
R. Lynn Rardin <rardin@orion.rose.brandeis.edu> wrote:

: specific patch for 6.5.22. Could it be that the patched
: gr_osview opens up a new vulnerability under 6.5.22, but
: not under 6.5.23+?

I don't think so; but is possible.

But, at least, the widely known vulnerability is fixed,
which is better than nothing

--
PGP and other useless info at \
http://webdiis.unizar.es/~spd/ \
finger://daphne.cps.unizar.es/spd \ Timeo Danaos et dona ferentes
ftp://ivo.cps.unizar.es/pub/ \ (Virgilio)
Back to top
Google
Back to top
Display posts from previous:   
Post new topic   Reply to topic Page 2 of 2 [17 Posts] Goto page:  Previous  1, 2
View previous topic :: View next topic
The time now is Thu Jan 08, 2009 9:30 am | All times are GMT
navigation Forum index » *nix » SGI/IRIX » admin
Jump to:  

Similar Topics
Topic Author Forum Replies Last Post
No new posts Need help getting Sony DAT tape drive to work on Irix 6.5 trebor SGI/IRIX 1 Sun Apr 13, 2008 3:19 am
No new posts unable to start db2 admin server qin_23 IBM DB2 5 Wed Jul 19, 2006 3:31 pm
No new posts IRIX 6.5 media, Silicon Valley bay area iein SGI/IRIX 0 Thu Jul 13, 2006 8:51 pm
No new posts Small job for proficient qmail/linux admin Alan Valentine Qmail 0 Thu Jul 13, 2006 2:56 pm
No new posts Errors compiling MySQL 5.0.22 on IRIX 6.5.25 Penny Oots MySQL 0 Fri Jul 07, 2006 2:32 pm

Credit Cards | Bankruptcy Certification | Web Advertising | Loans | Myspace Layouts
Copyright © 2004-2005 DeniX Solutions SRL
 
Other DeniX Solutions sites: Unix/Linux blog |  electronics forum |  medicine forum |  science forum | 
Privacy Policy


Powered by phpBB © 2001, 2005 phpBB Group

[ Time: 0.2030s ][ Queries: 16 (0.1247s) ][ GZIP on - Debug on ]