Owned by root, but world rwx'able. Dangerous?
I'm a bit new to securing Linux, and I've been reading as much as I can find on Unix security and decided to have a go on my own box.
In the process, I found a directory and all the files in it to be owned by root, in the group root, but everything had everyone/world rwx permissions. None of the files were SUID or SGID root. Apart from the obvious danger of any user being able to manipulate files, is there any way that this could be leveraged for privilege escalation? The directory is not an important system directory, nor contained in the PATH variable for root or any other user. There is also very little danger of someone else being tricked into executing a file in the directory. While I realize I should probably just strip off the world privileges to a degree... I'm mostly interested in HOW someone would go about leveraging this if it is indeed possible.
Running Fedora Core w/ SELinux...
Also... On a different system (BSD), I noticed that a symbolic link pointing /bin/sh to /bin/bash was everyone rwx'able. The actual /bin/bash file did not have the same problem. Is there any way someone could use this to, like, redirect the link to some other place (such as a malicious bash script in their home directory or something)? Or is it possible for them to delete the link? This isn't my box so I wasn't willing to try it and find out. ...I could recreate the situation on my box, but I don't know how people leverage poorly configured file permissions. (Though I have noticed on other systems, the links are usually not world writable)
Hope someone can help :)
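
An audit for the two conditions the question describes (world-writable entries owned by root, and symlinks sitting in a directory anyone can write to), as an added example that is not part of the original post. The function names `audit_world_writable` and `on_path` and the output tags are this example's own, not from any tool.

```shell
#!/bin/sh
# Added example (not from the original post): defensive audit of a tree for
# world-writable entries owned by a given UID (default 0, i.e. root).
# Tags printed (FILE, SETID-FILE, DIR-NOSTICKY, ...) are this example's own.

audit_world_writable() {
    dir=$1
    owner=${2:-0}

    # Regular files anyone may overwrite. Set-id ones are reported separately
    # because they run with the owner's or group's privileges.
    find "$dir" -type f -user "$owner" -perm -0002 \
        \( -perm -4000 -o -perm -2000 \) -exec printf 'SETID-FILE\t%s\n' {} +
    find "$dir" -type f -user "$owner" -perm -0002 \
        ! -perm -4000 ! -perm -2000 -exec printf 'FILE\t%s\n' {} +

    # Directories anyone may write to. Without the sticky bit, any user can
    # delete or rename entries in them, whoever owns those entries.
    find "$dir" -type d -user "$owner" -perm -0002 ! -perm -1000 \
        -exec printf 'DIR-NOSTICKY\t%s\n' {} +
    find "$dir" -type d -user "$owner" -perm -0002 -perm -1000 \
        -exec printf 'DIR-STICKY\t%s\n' {} +

    # Symlinks: the rwxrwxrwx that ls shows on the link itself is not what
    # protects it. Removing or re-pointing a link is a change to its parent
    # directory, so report links whose parent is world-writable, non-sticky.
    find "$dir" -type l | while IFS= read -r link; do
        parent=$(dirname "$link")
        if [ -n "$(find "$parent" -prune -perm -0002 ! -perm -1000 -print)" ]; then
            printf 'LINK-REPLACEABLE\t%s\n' "$link"
        fi
    done
}

# True if DIR is listed in a colon-separated search path (default: $PATH).
on_path() {
    case ":${2:-$PATH}:" in
        *":$1:"*) return 0 ;;
        *) return 1 ;;
    esac
}
```

Run it as `audit_world_writable /some/dir` to check root-owned entries, then pass each reported directory to `on_path` to confirm it is not in anyone's search path.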