Message-ID: <20200206102507.GA11632@f195.suse.de>
Date: Thu, 6 Feb 2020 11:25:07 +0100
From: Matthias Gerstner <mgerstner@...e.de>
To: oss-security@...ts.openwall.com
Subject: Re: CVE-2019-18901: mariadb: possible symlink attack
 for the mysql user in the SUSE specific mysql-systemd-helper script

Hello Larry,

On Wed, Feb 05, 2020 at 11:31:55AM -0500, Larry W. Cashdollar wrote:
> That chmod 640 might be interesting if applied to /etc/shadow.
> It could allow some users to read the password hashes.

True. Generally it allows granting groups read permissions on files. I'm
not aware of an instance where this directly allows the mysql user to
escalate privileges. But it could work when combined with further
weaknesses in the system that allow compromising further user/group
accounts.

Cheers

Matthias
