Patch-ID# 101080-01
Keywords: CTE5592, ex, security, vi, expreserve
Synopsis: SunOS 4.1.1 4.1.2 4.1.3: security problem with expreserve
Date: Jun/09/93
 
SunOS release: 4.1.1 4.1.2 4.1.3
 
Unbundled Product: 
 
Unbundled Release: 
 
Topic: 
 
BugId's fixed with this patch: 1044909, 1083183

Changes incorporated in this version: 

Architectures for which this patch is available: sun3(all), sun4(all)

Patches which may conflict with this patch: 

Obsoleted by: 

NOTE: This patch obsoletes patch 100251-01.

Files included with this patch: expreserve

Problem Description: 
1044909	race condition when file is created owned by root.
1083183	expreserve can be used to overwite any file.

INSTALL: 
	Login as root.

	mv /usr/lib/expreserve /usr/lib/expreserve.FCS
	chmod 600 /usr/lib/expreserve.FCS

	cp `arch`/expreserve /usr/lib/expreserve
	chown root.staff /usr/lib/expreserve
	chmod 4755 /usr/lib/expreserve
