Red Hat Bugzilla – Bug 23202
Insecure permissions on /usr/bin/*server
Last modified: 2008-05-01 11:37:59 EDT
Look at e.g. /usr/bin/jserver
It is setuid to user "wnn". So are three other related binaries. Is this
hope not - jserver is very insecure. Quick inspection shows a buffer
a static buffer when using the "-f" command line flag.
Note that a compromise of user "wnn" is very dangerous - it could assist
root because the "jserver" daemon runs as euid=wnn, ruid=root
This defect is considered MUST-FIX for Florence Gold release.
Adrian: I need some sort of update on what is going on with this program.
euid/egid and ruid/rgid both set to the current effective uid and gid (which
should both be wnn)
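
The last comment describes setting the real and effective ids to the current effective uid and gid, so the daemon no longer keeps ruid=root next to euid=wnn. One way to do that in C, added here as an example and not taken from the jserver source or the shipped fix; the helper names are hypothetical:

```c
#ifndef _XOPEN_SOURCE
#define _XOPEN_SOURCE 700   /* declares setreuid()/setregid() */
#endif
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper: 1 if real and effective ids already match. */
int ids_are_pinned(void)
{
    return getuid() == geteuid() && getgid() == getegid();
}

/* Hypothetical helper: make ruid/rgid equal to the current euid/egid,
 * e.g. turn ruid=root, euid=wnn into ruid=euid=wnn. Returns 0 on success.
 * Supplementary groups are left untouched by this function. */
int pin_ids_to_effective(void)
{
    uid_t old_ruid = getuid(), euid = geteuid();
    gid_t old_rgid = getgid(), egid = getegid();

    /* Group first, then user; every return value is checked. */
    if (setregid(egid, egid) != 0) return -1;
    if (setreuid(euid, euid) != 0) return -1;

    if (!ids_are_pinned()) return -1;

    /* If the old real ids differed, switching back must now fail. */
    if (euid != 0 && old_ruid != euid && setuid(old_ruid) == 0) return -1;
    if (euid != 0 && old_rgid != egid && setgid(old_rgid) == 0) return -1;
    return 0;
}

int main(void)
{
    printf("before: ruid=%ld euid=%ld\n", (long)getuid(), (long)geteuid());
    if (pin_ids_to_effective() != 0) {
        fprintf(stderr, "could not pin ids, refusing to continue\n");
        return 1;
    }
    printf("after:  ruid=%ld euid=%ld\n", (long)getuid(), (long)geteuid());
    return 0;
}
```

Such a call belongs at the very start of main(), before any command line argument is parsed.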