chrome os world wide executable vulnerability , bjorn ove arthun

Hosted by Dailymotion. For legal issues report at the Copyright Center, report us on DMC, or use the Instant Removal tool.

chrome os world wide executable vulnerability , bjorn ove arthun

B
Bjorn Ove Arthun

14 Views • Aug 30, 2015

Description

world wide executive, and permissions in chrome os. its potential risk. /home/root 1771 and /tmp 1777 write :
sudo su
ls -lRa *|awk '{text=substr($1,length($1),1);if (text=="t"){printf "---o %s o--- %s\n",text,$0};}'
/sbin/chromeos_startup sets 771 on home/root and 777 on /tmp.
7 is 4 + 2 + 1 for r w x.... why let execute in tmp be on for OTHER. only user and group may execute there.