[转贴] 安全漏洞:qq for linux的可执行程序是全局可写的

0 views
Skip to first unread message

陈学芹

unread,
Aug 26, 2008, 1:53:56 PM8/26/08
to 福州linux用户组, sz...@googlegroups.com
原文 http://linux.chinaunix.net/bbs/thread-1025967-1-1.html

评: 在我的PC上按照作者列出的方法检查了下QQ的文件属性,胆战心惊阿,如此的设置,
Tencent好像还在szlug上招人,这个问题应该引起足够的重视,后面的版本要更正.


bybd@localhost:~$ sudo find /usr -perm -00222 -type f -exec ls -l '{}'
\; 2> /dev/null
-rwxrwxrwx 1 root root 604376 2008-07-31 17:02
/usr/share/apps/Tencent/QQ/IMEngineClient
-rwxrwxrwx 1 root root 1764684 2008-07-31 17:02 /usr/share/apps/Tencent/QQ/QQ
-rwxrwxrwx 1 root root 3860480 2008-07-31 17:02
/usr/share/apps/Tencent/QQ/res.db
-rwxrwxrwx 1 root root 45 2008-07-31 17:02 /usr/bin/QQ

bybd@localhost:~$ sudo find ~ -perm -00222 -type f -exec ls -l '{}' \;
2> /dev/null
-rwxrwxrwx 1 bybd bybd 220 2008-08-17 11:27
/home/bybd/.Tencent/QQ/514336954/skin.conf
-rwxrwxrwx 1 bybd bybd 29696 2008-08-18 22:15
/home/bybd/.Tencent/QQ/514336954/User.db
-rwxrwxrwx 1 bybd bybd 5836 2008-08-17 11:27
/home/bybd/.Tencent/QQ/514336954/userset.conf
-rwxrwxrwx 1 bybd bybd 4076 2008-08-19 09:03 /home/bybd/.Tencent/QQ/login.conf
-rwxrwxrwx 1 bybd bybd 220 2008-08-18 07:33
/home/bybd/.Tencent/QQ/379211529/skin.conf
-rwxrwxrwx 1 bybd bybd 24576 2008-08-19 10:36
/home/bybd/.Tencent/QQ/379211529/User.db
-rwxrwxrwx 1 bybd bybd 5836 2008-08-18 07:33
/home/bybd/.Tencent/QQ/379211529/userset.conf
-rwxrwxrwx 1 bybd bybd 3072 2008-08-19 09:03 /home/bybd/.Tencent/QQ/history.db

bybd@localhost:~$ file /usr/share/apps/Tencent/QQ/* /usr/bin/QQ
/usr/share/apps/Tencent/QQ/IMEngineClient: ELF 32-bit LSB executable,
Intel 80386, version 1 (SYSV), for GNU/Linux 2.6.8, dynamically linked
(uses shared libs), stripped
/usr/share/apps/Tencent/QQ/QQ: ELF 32-bit LSB executable,
Intel 80386, version 1 (SYSV), for GNU/Linux 2.6.8, dynamically linked
(uses shared libs), stripped
/usr/share/apps/Tencent/QQ/QQ.png: PNG image data, 48 x 48,
8-bit/color RGBA, non-interlaced
/usr/share/apps/Tencent/QQ/res.db: data
/usr/bin/QQ: POSIX shell script text executable


诸位检查过了吗?请报出系统和安装方式。
我是在ubuntu 8.04上安装的官方deb包。
做个记录:
bybd@localhost:~$ sudo find /usr -perm -00222 -type f -exec md5sum
'{}' \; 2> /dev/null
8416cfb5f0050c1b3f705123f7e5d6d8 /usr/share/apps/Tencent/QQ/IMEngineClient
9cdf2ff64a7816420937e482397035db /usr/share/apps/Tencent/QQ/QQ
45efb628fcb7b4ce799d7065b69f3f25 /usr/share/apps/Tencent/QQ/res.db
bbfcf98d6df66d89d376cde36c4c7c61 /usr/bin/QQ


bybd@localhost:~$ sudo find ~ -perm -00222 -type f -exec md5sum '{}'
\; 2> /dev/null
8f9d92b1d11f335edd808331c61b4619 /home/bybd/.Tencent/QQ/514336954/skin.conf
57450aa0e22c3cd413802d5a5d55e52c /home/bybd/.Tencent/QQ/514336954/User.db
7cb2f38fbf97c96ee5a04122742dafc9 /home/bybd/.Tencent/QQ/514336954/userset.conf
54d417ec414a59f0abc3e86d2b3e8695 /home/bybd/.Tencent/QQ/login.conf
8f9d92b1d11f335edd808331c61b4619 /home/bybd/.Tencent/QQ/379211529/skin.conf
1436662a5f2e9bf03324ed4cd1113a16 /home/bybd/.Tencent/QQ/379211529/User.db
7cb2f38fbf97c96ee5a04122742dafc9 /home/bybd/.Tencent/QQ/379211529/userset.conf
0c6cef0738e43c06729c6c4d08392b7e /home/bybd/.Tencent/QQ/history.db

[ 本帖最后由 白丁布衣 于 2008-8-19 11:26 编辑 ]


--
/*
*@author: chen xueqin
*@email: robb...@gmail.com
*@see: http://robbie.bokee.com
*@see: http://groups.google.com/group/fzlug
*@love: freedom,tux,open source
*/

陈学芹

unread,
Sep 2, 2008, 9:56:22 PM9/2/08
to 福州linux用户组, sz...@googlegroups.com
2008-08-29 发布的QQ for Linux 1.0 Preview(106)修正了这个明显的安全漏洞,
qq的程序名也改成了小写,哈,有则改之.
Reply all
Reply to author
Forward
0 new messages