A quick solution to this problem is to remove the setuid bit from the netaddpr program. This will prevent users from actively trying to exploit this problem. However, some risk still exists, as an attacker could wait until an administrator executes this program, and attempt to exploit the flaw at this time. While the likelihood of sucess is quite small, the risk still exists. Patches to this, and other printing related problems, are available from SGI.
IRIX addnetpr Printer Temporary File Symlink Local Privilege Escalation
Local Access Required
Loss of Integrity
IRIX contains a flaw that may allow a malicious local user to manipulate arbitrary files on the system. The issue is due to the addnetpr program creating temporary files insecurely. It is possible for a user to use a symlink style attack to corrupt arbitrary files, resulting in a loss of integrity.
Upgrade to version 6.3 or higher, as it has been reported to fix this vulnerability. Also, Silicon Graphics, Inc. has released a patch to address this issue. Additionally, it is possible to correct the flaw by implementing the following workaround:
#/usr/sbin/versions -v remove print