COMMAND

	nsd temporary file symlink vulnerability

SYSTEMS AFFECTED

	IRIX 6.5 to 6.5.10

PROBLEM

	In   SGI   security   [http://www.sgi.com/support/security/]    advisory
	[20020501-01-I] :
	

	It has been reported that nsd  was  not  checking  the  permissions  and
	ownership of its dump file \"/var/tmp/nsd.dump\"  prior  to  writing  to
	it.
	

	If a user was to first create a symlink from another  file  pointing  to
	/var/tmp/nsd.dump and  then  an  already-privileged  user  sent  a  USR1
	signal to the nsd process, the file could be  damaged  or  modified.  If
	successfully exploited, this could lead to a root compromise.

SOLUTION

	Upgrade to IRIX 6.5.11 or later.