Note: This is an archival copy of Security Sun Alert 200168 as previously published on http://sunsolve.sun.com.
The latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1000123.1.
Solaris 9 Operating System
Date of Resolved Release
A local unprivileged user may be able to gain unauthorized root access due to a security issue with the newtask(1) command in Solaris 9.
This issue can occur in the following releases:
Notes: Solaris 2.6 and 7 do not have the newtask(1) command and are therefore not affected by this issue.
Solaris 8 is not affected by this issue.
There are no predictable symptoms that would show the described problem has been exploited to gain root privileges.
To work around the described issue, remove the setuid bit from newtask(1):
# chmod u-s /usr/bin/sparcv7/newtask
# chmod u-s /usr/bin/sparcv9/newtask
# chmod u-s /usr/bin/i86/newtask
Note: removing the set-user-ID bit from the "newtask" binary will prevent unprivileged users from using the "newtask" command.
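To confirm the workaround took effect, the following added example (not part of the original Sun Alert) checks the three newtask paths listed above for the set-user-ID bit. The function names and status labels are illustrative assumptions.

```shell
#!/bin/sh
# Added example: audit the newtask binaries named in the workaround.
# The three paths come from the advisory; function names are illustrative.
NEWTASK_PATHS="/usr/bin/sparcv7/newtask /usr/bin/sparcv9/newtask /usr/bin/i86/newtask"

# check_setuid FILE
#   returns 0 if FILE exists without the set-user-ID bit (workaround applied)
#   returns 1 if FILE still has the set-user-ID bit
#   returns 2 if FILE is not present (binary for another architecture)
check_setuid() {
    if [ ! -f "$1" ]; then
        return 2
    fi
    if [ -u "$1" ]; then
        return 1
    fi
    return 0
}

# audit_newtask [FILE...]
#   Checks each FILE (default: the advisory's paths), prints one status line
#   per file, and returns 1 if any file still carries the set-user-ID bit.
audit_newtask() {
    if [ $# -eq 0 ]; then
        set -- $NEWTASK_PATHS
    fi
    pending=0
    for f in "$@"; do
        rc=0
        check_setuid "$f" || rc=$?
        case $rc in
            0) echo "OK      $f: set-user-ID bit cleared" ;;
            1) echo "SETUID  $f: workaround not applied"; pending=1 ;;
            2) echo "ABSENT  $f: not installed on this system" ;;
        esac
    done
    return $pending
}

audit_newtask "$@"
```

A non-zero exit status means at least one of the checked binaries still has the set-user-ID bit set.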
This issue is addressed in the following releases: