dslreports logo
 
    All Forums Hot Topics Gallery
spc
uniqs
6
Fickey
Terrorists target your backbone
join:2004-05-31

Fickey to Anon users

Member

to Anon users

Re: Extremely critical vulnerability Samsung Android devices

said by Anon users :

...Anyone using Droidwall (with rooted stock roms, or custom CM roms) from code.google.com/p/droidwall (latest @v1.57) could be hacked... allowing taking over your whole Android phone...

hint: Look carefully for the OTHERS permission at /data/data/com.googlecode.droidwall/app_bin/droidwall.sh ...

I don't really have any Unix or Linux expertise, but looking at my droidwall.sh & referring to this, I don't see any OTHERS issues. What am I missing?

Anon users
@anonymouse.org

Anon users

Anon

assigning rwx rights for OTHERS is unforgiving in Unix if the user has root privileges. ...Can't commend more, wouldn't detail how to exploit...
Fickey
Terrorists target your backbone
join:2004-05-31

Fickey

Member

said by Anon users :

assigning rwx rights for OTHERS is unforgiving in Unix if the user has root privileges. ...Can't commend more, wouldn't detail how to exploit...

Understood, but I don't see anything in droidwall.sh that comes close to resembling rwx or 007 or whatever. Maybe because I don't have any custom scripts? Or more likely, it's just over my head.

Anon users
@anonymouse.org

Anon users

Anon

oh, ya don't get my 'riddle' clear, not inside droidwall.sh, just ls -l droidwall.sh