Note: This is an archival copy of Security Sun Alert 200791 as previously published on http://sunsolve.sun.com.
The latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1000606.1.
Solaris 9 Operating System
Solaris 8 Operating System
Date of Resolved Release
A local unprivileged user with a custom rights profile (see profiles(1)) may be able to execute a profile command with greater privileges than originally assigned, if the execution profiles database (exec_attr(4)) contains an invalid entry for that custom rights profile.
This issue can occur in the following releases:
The pfexec(1) program is used to execute commands with the attributes specified by the user's profiles in the exec_attr(4) database. A user must be part of an execution profile in addition to the default profiles of "Basic Solaris User" and "All". A user can determine which profiles they are part of by running the profiles(1) command, as in this example:
% profiles
Basic Solaris User
All
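Because the issue depends on an invalid exec_attr(4) entry, an administrator can review that database for entries that do not follow the documented name:policy:type:res1:res2:id:attr layout. The check below is an added example, not part of the Sun Alert or of Solaris. The alert does not say what makes an entry invalid, so the rules here (the Solaris 8/9 field syntax) are an assumption, as are the function name check_exec_attr and the "Custom Ops" sample profile.

```shell
#!/bin/sh
# Added example: flag exec_attr(4) entries that do not match the Solaris 8/9
# layout  name:policy:type:res1:res2:id:attr .
# Assumption: "invalid entry" in the alert means a syntactically malformed
# line; the alert itself does not define it.

check_exec_attr() {
    # $1 = path to an exec_attr file; prints "line N: reason: entry"
    awk -F: '
    /^[ \t]*#/ || /^[ \t]*$/ { next }        # skip comments and blank lines
    {
        why = ""
        if (NF != 7)                   why = "expected 7 fields, got " NF
        else if ($1 == "")             why = "empty profile name"
        else if ($2 != "suser")        why = "unknown policy \"" $2 "\""
        else if ($3 != "cmd")          why = "unknown type \"" $3 "\""
        else if ($4 != "" || $5 != "") why = "reserved fields not empty"
        else if ($6 != "*" && substr($6, 1, 1) != "/")
                                       why = "id is not an absolute path or *"
        else if ($7 != "") {
            # attr is a ;-separated list of key=value; valid keys on
            # Solaris 8/9 are uid, euid, gid and egid
            n = split($7, kv, ";")
            for (i = 1; i <= n; i++)
                if (kv[i] != "" && kv[i] !~ /^(uid|euid|gid|egid)=[^=;]+$/)
                    why = "malformed attribute \"" kv[i] "\""
        }
        if (why != "") printf "line %d: %s: %s\n", NR, why, $0
    }' "$1"
}

# Constructed sample entries, not taken from the alert.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# custom rights profile entries
Custom Ops:suser:cmd:::/usr/sbin/snoop:euid=0
Custom Ops:suser:cmd:::/usr/bin/date:euid
Custom Ops:suser:cmd::/usr/bin/ls:uid=0
Custom Ops:suser:exe:::/usr/bin/ls:uid=0
EOF
check_exec_attr "$sample"
rm -f "$sample"
```

On a live system the function would be run against /etc/security/exec_attr; any line it reports deserves manual review against exec_attr(4).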
There are no reliable symptoms that would show the described issue has been exploited to gain unauthorized elevated privileges on a host.
There is no workaround. Please see the "Resolution" section below.
This issue is addressed in the following releases: