COMMAND

    prwarn(1)

SYSTEMS AFFECTED

    SCO Unix System V/386 Release 3.2 Versions 4.2, 4.1, and 4.0
    SCO Open Desktop Lite Release 3.0
    SCO Open Desktop Release 3.0 and 2.0
    SCO Open Server Network System Release 3.0
    SCO Open Server Enterprise System Release 3.0

PROBLEM

    prwarn can be used to create files around the filesystem as  group
    auth.

    Unfortunately the $HOME/.prwarn_time  file is opened  while prwarn
    has group-auth  privileges, and  no checks  are made  on the  file
    before  it  is  opened;  hence  a  symlink  may be inserted and an
    arbitrary file created.

    % rm -f ~/.prwarn_time
    % ln -s /etc/8LGMFILE ~/.prwarn_time
    % prwarn -d infinite -t always

    /etc/8LGMFILE will  be created.   The file  will be  owned by you,
    and will be mode  600.  Files may  be created in group  auth owned
    directories.

SOLUTION

    Contact SCO for a patch.
    The patch is available at ftp.sco.COM:/SSE/sse003.*