|
|
Solaris Tape Device Permissions Vulnerability
The default permissions assigned to scsi tape devices (/dev/rmt*) allow for users to write and read data to and from the device on Solaris machines. The permissions for the devices are automatically set to mode 666. If an admin were to backup files like /etc/shadow, a malicious user could extract the archives and have full read ability on all of the files. |
|
Privacy Statement |