-----BEGIN PGP SIGNED MESSAGE-----

________________________________________________________________________________
    Silicon Graphics Inc. Security Advisory

  Title: colorview program allows reading of any file
    Number:  19950209-00-P
    Date:  February, 9, 1995
________________________________________________________________________________

Silicon Graphics provides this information freely to the SGI community
for its consideration, interpretation and implementation.   Silicon Graphics
recommends that this information be acted upon as soon as possible.

Silicon Graphics will not be liable for any consequential damages arising
from the use of, or failure to use or use properly, any of the instructions
or information in this Security Advisory.
________________________________________________________________________________


A vulnerability has been discovered in the IRIX 5.1.x, 5.2, 6.0 and
6.0.1 operating systems which would allow the colorview program to be 
used to view any file on the system.

SGI Engineering has investigated this issue and recommends the following 
steps for neutralizing the exposure.  It is HIGHLY RECOMMENDED that these 
measures be done on ALL SGI systems running IRIX 5.1.x,  5.2, 6.0 and
6.0.1 . The issue will be permanently corrected in future releases of IRIX.


- --------------------------
- --- Immediate Solution ---
- --------------------------
  

To correct this issue, it is recommended to remove the setuid bit on the
colorview program.  The following steps are provided to do this.


  1) Become the root user on the system.
  
    % /bin/su
    Password:
    #

  2) Change the permissions on the colorview program to remove
  the setuid permission.

    # chmod u-s /usr/sbin/colorview


  3) Verify the permissions and ownership to be as follows 
  after step 2.

    # cd /usr/sbin
    # ls -al colorview
    -rwxr-xr-x    1 root  sys   396376 Jan 18 18:40 colorview



- --------------------------
- --- Long Term Solution ---
- --------------------------


There is no patch for this issue.  For 5.1.x and 5.2 versions, this has 
been corrected in IRIX 5.3.



- ------------------------------------
- --- Further Information/Contacts ---
- ------------------------------------

For obtaining security information, patches or assistance, please
contact your SGI support provider.

For reporting new SGI security issues, email can be sent to
security-alert@sgi.com .



-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAwUBL0ov39w7/Z6dLXhtAQEp5AQAp5TMbJbiSRjBQxYCJ2RQc0kU6D1AIb9j
mYGeQj2Bdre7VLB0oNRQMU1H/nG8V4edSUPeFckhzgk5AZn8kSqojJiGs1WVEEHM
jdU1bppt3PTaSwIVJDDEKk5+cs4xc5VaCrsK64K4ZI/PYMoqqyF8+lxyKs1KDCrG
KMpSwsrBulc=
=emdw
-----END PGP SIGNATURE-----