Resolution
goal
How do I configure uroot to ignore a dot (.) in the path?
fact
VigilEnt Security Agent for Unix 4.0
fact
VigilEnt Security Agent for Unix 5.0
fix
The ignore_dot variable in uroot determines whether the shell accepts or denies a "." in the path of an assumed process.
Vulnerability:
Having a dot in the path can inadvertently allow an unprivileged user to gain access to host resources. If "." is in the path, a malicious script in the current directory could be picked up first and execute several Unix commands, giving users undesired access.
Turning ignore_dot on solves this vulnerability.
Enabling ignore_dot feature for uroot:
- Using your favorite editor, load /etc/uroot.cfg
- Somewhere near the top of the file (preferably after the lines that start with a #), type in this line:
  Defaults:ALL ignore_dot
- Save the file
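To see whether an account is exposed to the dot-in-path problem described under Vulnerability, the search path itself can be audited. The script below is an added example, not part of VigilEnt or uroot; the function name path_dot_entries and the sample path are constructed for illustration. It goes slightly beyond the literal "." case: POSIX shells also treat an empty path element (a leading, trailing or doubled colon) as the current directory, so those are reported too.

```shell
#!/bin/sh
# Added example: report PATH entries that resolve relative to the current
# directory. Not part of uroot; path_dot_entries is a hypothetical helper.

# path_dot_entries PATHSTRING
# Prints one line per risky entry as "<position>:<kind>", where kind is
#   dot      - a literal "." or "./"
#   empty    - an empty element, which shells treat as the current directory
#   relative - any other entry that does not start with "/"
# Returns 0 when the path is clean, 1 when at least one risky entry exists.
path_dot_entries() {
    pos=0
    found=0
    # Append a sentinel colon so a trailing empty element is still seen.
    rest="$1:"
    while [ -n "$rest" ]; do
        entry=${rest%%:*}   # text before the first colon
        rest=${rest#*:}     # text after the first colon
        pos=$((pos + 1))
        case $entry in
            "")   echo "$pos:empty";    found=1 ;;
            .|./) echo "$pos:dot";      found=1 ;;
            /*)   ;;                    # absolute entry, nothing to report
            *)    echo "$pos:relative"; found=1 ;;
        esac
    done
    return $found
}

# Constructed sample path: entry 2 is ".", entry 4 is empty (doubled colon).
SAMPLE_PATH='/usr/local/bin:.:/usr/bin::/bin'
path_dot_entries "$SAMPLE_PATH" || echo "current-directory entries found in sample path"
```

Run it against a real environment with path_dot_entries "$PATH"; a non-zero return status means at least one entry would be searched relative to the current directory.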
Additional Information
Formerly known as NETIQKB37614