FG
💻 Software

Are world-readable/writable/executable links in /usr/bin security holes?

Fresh5 days ago
Mar 15, 20264282 views
Confidence Score0%
0%

Problem

This seems to apply to many binaries in , at least on Suse and perhaps other Linux distributions. Doesn't this mean that any compromised account on Suse could modify the symlink, tricking the user into executing anything? If so, why are these the default permissions?

Error Output

% ls -l /usr/bin/edit                                                                                                
lrwxrwxrwx 1 root root 3 Jan 10…

Unverified for your environment

Select your OS to check compatibility.

1 Fix

Canonical Fix
Unverified Fix
New Fix – Awaiting Verification

Fix for: Are world-readable/writable/executable links in /usr/bin security holes?

Low Risk

From the Wikipedia entry for : The file system permissions of a symbolic link usually have relevance only to rename or removal operations of the link itself, not to the access modes of the target file which are controlled by the target file's own pe…

Awaiting Verification

Be the first to verify this fix

Sign in to verify this fix

Environment