Patch-ID# 101579-01 Keywords: ex, security, vi, expreserve, 101080-01 ported to 4.1.3_U1 Synopsis: SunOS 4.1.3_U1: Security problem with expreserve for Solaris 1.1.1 Date: Mar/07/94 Solaris Release: 1.1.1A SunOS release: 4.1.3_U1A NOTE: For the patch for SunOS 4.1.1, 4.1.2, 4.1.3, please see patch 101080-01 Unbundled Product: Unbundled Release: Topic: BugId's fixed with this patch: 1044909 1083183 Relevant Architecture: sparc NOTE: sun4, sun4c, sun4m Patches which may conflict with this patch: Obsoleted by: Problem Description: 1044909 race condition when file is created owned by root. 1083183 expreserve can be used to overwite any file. INSTALL: 1) login as root 2) mv /usr/lib/expreserve /usr/lib/expreserve.FCS 3) chmod 600 /usr/lib/expreserve.FCS 4) cp `arch -k`/expreserve /usr/lib/expreserve 5) chown root.staff /usr/lib/expreserve 6) chmod 4755 /usr/lib/expreserve