COMMAND

    eNetwork Firewall

SYSTEMS AFFECTED

    IBM eNetwork Firewall for AIX

PROBLEM

    Paul Cammidge found the following.  The IBM eNetwork Firewall for
    AIX contains some poorly written scripts, which create temporary
    files in /tmp without making any attempt to check whether the file
    already exists.  This allows any user with shell access to such a
    firewall to corrupt or possibly modify system files by creating
    links, pipes, etc. with the same name.  In a simple example
    submitted to IBM, /etc/passwd was overwritten.  This example has
    been published on one of their support web pages as a 'local fix'.
    The problem was reported to IBM early in January.  Initially, IBM
    responded by saying that it was common practice for software to
    make use of /tmp.  They suggested changing the permissions to
    prevent users from creating symbolic links to sensitive files.

SOLUTION

    An APAR (IR39562) was opened on 18/01/99 and closed on 13/03/99.
    The fix has not yet been released.  This definitely applies to
    version 3.2, and probably others.  Anyone running this software
    who has users with shell accounts should be aware that the
    potential exists for these users to corrupt files which they
    don't have access to.
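
    The temporary-file flaw described under PROBLEM, next to two
    hardened ways of writing the same step, as an added example that
    is not IBM's code and not part of the original advisory.  All
    function and file names are hypothetical, the scenario is
    constructed in a sandbox directory, and mktemp -d is assumed to be
    available on the host.

```shell
#!/bin/sh
# Added illustration: function and file names are hypothetical.

# Pattern the advisory describes: write to a predictable name with no
# existence check. A plain ">" follows a symlink that is already there.
unsafe_write() {    # $1 = path, $2 = data
    echo "$2" > "$1"
}

# noclobber (set -C) refuses the write when the name already resolves to
# a regular file. It does not stop writes into an existing pipe or
# device node, so it is only a partial defence.
safe_write() {      # $1 = path, $2 = data
    ( umask 077; set -C; echo "$2" > "$1" ) 2>/dev/null
}

# Preferred: work inside a private directory with an unpredictable name
# (assumes mktemp -d is available on the host).
private_tmpdir() {
    ( umask 077; mktemp -d "${TMPDIR:-/tmp}/fwscript.XXXXXX" )
}

# Constructed scenario; the sandbox directory stands in for /tmp.
demo() {
    sandbox=$(private_tmpdir) || return 1
    echo "root:x:0:0" > "$sandbox/protected"       # stand-in system file
    ln -s "$sandbox/protected" "$sandbox/fw.tmp"   # link planted beforehand

    if safe_write "$sandbox/fw.tmp" "scratch data"; then
        safe_result=wrote
    else
        safe_result=refused
    fi
    after_safe=$(cat "$sandbox/protected")

    unsafe_write "$sandbox/fw.tmp" "scratch data"
    after_unsafe=$(cat "$sandbox/protected")

    rm -rf "$sandbox"
    echo "safe=$safe_result after_safe=$after_safe after_unsafe=$after_unsafe"
}

demo
```

    A script that keeps all of its scratch files inside the directory
    returned by private_tmpdir never opens a name that another user
    could have created first.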