[ut2003io] Updater makes files world-writable
Ian Hastie
ianh at ordinal.freeserve.co.uk
Wed Nov 20 20:12:22 EST 2002
Matthew Arnold wrote:
> I was perusing my /var/log/messages and saw a bunch of warnings about
> a number of files being world-writable. It seems that every file the
> UT2K3 updater touches gets its permissions changed to 777. I don't
> know how much of a security threat this is, but it probably isn't A
> Good Thing.
>
After receiving this warning I checked and can definitely say it didn't
happen here. Seems odd that it would make them all 777 too. umask
problem perhaps?
As to the security threat. Well you never run UT2k3 as root do you?
Apart from that you'd need full user access to the system in order to
modify the file and that wouldn't really get you anything extra. I know
this isn't always the case, but it's a lot harder to do otherwise. Even
so it definitley isn't a Good Thing!
Ian.
More information about the ut2003
mailing list