TUCoPS :: Unix :: General :: ups2-2.htm


TUCoPS :: Unix :: General :: ups2-2.htm

MGE UPS - Inappropriate Permissions 
Vulnerability
 UPS
Affected
 Systems running MGE UPS Systems
Description
 Ryan Murray found following. MGE UPS's Solution Pac software
 firstly installs as mode 666/777, which, although easy to correct,
 should be fixed. Next, the programs, when starting up, create
 lock files in /tmp:
 COM_init.lock
 MON_init.lock
 These files are created with mode 666, and ignore the current
 umask.
Solution
 As for first problem, just change permissions. As for second
 problem, you may want to clear /tmp at boot, at least for the lock
 files. Otherwise any user can turn any file on the system to 0
 bytes.

AltStyle によって変換されたページ (->オリジナル) /

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2025 AOH