RE: (RHE4) Logrotate Not Restarting Syslog





> -----Original Message-----
> From: redhat-list-bounces@xxxxxxxxxx [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of Bill Tangren
> Sent: Tuesday, January 31, 2006 4:44 PM
> To: General Red Hat Linux discussion list
> Subject: Re: (RHE4) Logrotate Not Restarting Syslog
>
> Jason Williard wrote:
> >>>Does anyone know why this is not working?
> >>
> >>Maybe, but I had something similar which was caused because the /tmp
> >>partition mounted with noexec.
> >
> >
> >
> > That appears to have been my issue. I removed noexec from that line in
> > /etc/fstab, restarted and now things are working again.
> >
> > Thanks,
> > Jason
> >
>
> You may want to be careful with that solution. Everyone on your system has
> access to /tmp. I believe noexec is there for security reasons. You might want
> to consider Sean's solution instead.
>
> Bill

Yes, the presence of 'noexec' may be due to security reasons. For
example, someone can create a file in /tmp and set its executable bit. Of
course, this by itself does not present a security problem. However,
suppose that another user has the current directory (.) in his PATH before
the standard directories (yes, this is not recommended, but some users are
still doing it). Then, if the user's current directory is /tmp and the
executable file has the name of some commonly used program (such as 'ls'),
the program in /tmp will be executed instead of the standard 'ls' when the
user is in the /tmp directory. The program will be executed with the ID of
the user who wanted to execute 'ls', not the user who created the program -
this can have several security consequences.
However, I think that the presence of the ability to execute programs in
/tmp, without other security weaknesses such as '.' in PATH, will not
make the system vulnerable to attacks.

Alexey Fadyushin
Brainbench MVP for Linux.
http://eee.brainbench.com

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
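
Both conditions discussed in this thread, a PATH that resolves to the current directory and a /tmp mounted without noexec, can be checked from a shell. The script below is an added example, not part of the original messages; the function names `audit_path` and `mount_has_noexec` are illustrative, and the second assumes a Linux `/proc/mounts`-style table on stdin.

```shell
#!/bin/sh
# Added example, not from the thread: audit a PATH string and a mounts table.

# audit_path PATHSTRING: print "<position>:<kind>:<entry>" per risky entry;
# return 0 when nothing is flagged, 1 otherwise.
audit_path() {
    rest="$1:"            # trailing ':' keeps a final empty element visible
    pos=0
    flagged=0
    while [ -n "$rest" ]; do
        entry=${rest%%:*}
        rest=${rest#*:}
        pos=$((pos + 1))
        case $entry in
            '') kind=empty-means-cwd ;;   # "::" or a leading/trailing ":"
            .)  kind=cwd ;;
            /*) kind=
                # A directory anyone can write to (such as /tmp) is flagged too.
                if [ -d "$entry" ] && [ -n "$(find "$entry" -prune -perm -0002 2>/dev/null)" ]; then
                    kind=world-writable
                fi ;;
            *)  kind=relative ;;
        esac
        if [ -n "$kind" ]; then
            printf '%s:%s:%s\n' "$pos" "$kind" "$entry"
            flagged=1
        fi
    done
    [ "$flagged" -eq 0 ]
}

# mount_has_noexec MOUNTPOINT: read a /proc/mounts-style table on stdin and
# succeed only if the last entry for MOUNTPOINT carries the noexec option.
mount_has_noexec() {
    result=1
    while read -r _dev mnt _type opts _rest; do
        [ "$mnt" = "$1" ] || continue
        case ",$opts," in
            *,noexec,*) result=0 ;;
            *)          result=1 ;;
        esac
    done
    return "$result"
}

# Report on the current session (the mounts check needs Linux /proc/mounts).
audit_path "$PATH" || echo "PATH has risky entries (listed above)"
if [ -r /proc/mounts ] && ! mount_has_noexec /tmp < /proc/mounts; then
    echo "/tmp has no noexec mount entry"
fi
```
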


