*** This bug is a security vulnerability ***
You have been subscribed to a private security bug by Kees Cook (kees):
Binary package hint: sysvinit
I don't know if this is a bug or not - this is more of a question than a
bug, but it does have reasonable ramifications.
I don't know if this is a sysvinit bug or an upstart compatability bug
in terms of packages.
However /sbin/shutdown has world execute permissions on a default Ubuntu
8.04 install
-rwxr-xr-x 1 root root 61736 2008-04-11 14:49 /sbin/shutdown
this means that anyone could shut down the system without the need for
sudo or hal interaction.
** Affects: sysvinit (Ubuntu)
Importance: Undecided
Status: New
--
/sbin/shutdown world execute permissions
https://bugs.launchpad.net/bugs/244929
You received this bug notification because you are a member of Ubuntu Bugs,
which is a direct subscriber.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
