dslreports logo
 
    All Forums Hot Topics Gallery
spc

spacer

Search Topic:
uniqs
4
share rss forum feed

Fickey
Terrorists target your backbone

join:2004-05-31
reply to Anon users

Re: Extremely critical vulnerability Samsung Android devices

said by Anon users :

...Anyone using Droidwall (with rooted stock roms, or custom CM roms) from code.google.com/p/droidwall (latest @v1.57) could be hacked... allowing taking over your whole Android phone...

hint: Look carefully for the OTHERS permission at /data/data/com.googlecode.droidwall/app_bin/droidwall.sh ...

I don't really have any Unix or Linux expertise, but looking at my droidwall.sh & referring to this, I don't see any OTHERS issues. What am I missing?


Anon users

@anonymouse.org
assigning rwx rights for OTHERS is unforgiving in Unix if the user has root privileges. ...Can't commend more, wouldn't detail how to exploit...

Fickey
Terrorists target your backbone

join:2004-05-31
said by Anon users :

assigning rwx rights for OTHERS is unforgiving in Unix if the user has root privileges. ...Can't commend more, wouldn't detail how to exploit...

Understood, but I don't see anything in droidwall.sh that comes close to resembling rwx or 007 or whatever. Maybe because I don't have any custom scripts? Or more likely, it's just over my head.


Anon users

@anonymouse.org
oh, ya don't get my 'riddle' clear, not inside droidwall.sh, just ls -l droidwall.sh