hjespersen@trillium.waterloo.edu (06/04/89)
In article <1528@sialis.mn.org> rjg@sialis.mn.org (Robert J. Granvin) writes:
>The original points were actually correct. But to add onto it, many
>of you will notice that / has permissions of 777.

Not on _my_ system. Give me any valid login and a / that is 777 and I'll have root in about 30 seconds.

--
Hans Jespersen
hjespersen@trillium.water.edu
uunet!watmath!trillium!hjespersen

jbm@uncle.UUCP (John B. Milton) (06/05/89)
In article <14270@watdragon.waterloo.edu> hjespersen@trillium.waterloo.edu () writes:
>In article <1528@sialis.mn.org> rjg@sialis.mn.org (Robert J. Granvin) writes:
>
>>The original points were actually correct. But to add onto it, many
>>of you will notice that / has permissions of 777.
>
>Not on _my_ system. Give me any valid login and a / that is 777 and
>I'll have root in about 30 seconds.

One of several hundred different ways around security on the UNIXpc. To tighten security you have to start off by removing ua and smgr from the system, then you have a chance of getting the UNIXpc security to approach that of most other SYSV boxes

John
--
John Bly Milton IV, jbm@uncle.UUCP, n8emr!uncle!jbm@osu-cis.cis.ohio-state.edu
(614) h:294-4823, w:764-2933; N8KSN, AMPR: 44.70.0.52; Don't FLAME, inform!

hjespersen@trillium.waterloo.edu (Hans Jespersen) (06/05/89)
In article <537@uncle.UUCP> jbm@uncle.UUCP (John B. Milton) writes:

[root being 777 is a big security hole]

>One of several hundred different ways around security on the UNIXpc. To tighten
>security you have to start off by removing ua and smgr from the system, then
>you have a chance of getting the UNIXpc security to approach that of most other
>SYSV boxes

True, but many of the UNIXpc security holes are specific to the UNIXpc. It requires a good level of knowledge to exploit them. Not that they are hard, but most users would require some time to find them due to an unfamiliarity with the machine. On the other hand, having a root directory that is 777 is asking to be broken and would be a standard thing to check for on ANY Unix box.

--
Hans Jespersen
hjespersen@trillium.waterloo.edu
uunet!watmath!trillium!hjespersen

rjg@sialis.mn.org (Robert J. Granvin) (06/06/89)
>True, but many of the UNIXpc security holes are specific to the UNIXpc.
>It requires a good level of knowledge to exploit them. Not that they
>are hard, but most users would require some time to find them due to
>an unfamiliarity with the machine. On the other hand, having a root
>directory that is 777 is asking to be broken and would be a standard
>thing to check for on ANY Unix box.

A fair level of knowledge really. Not necessarily a good level.

Today, you can be fairly certain that if a person has a personal machine on the net, that it's more than likely some sort of Unix/Xenix PC type box, or a 3b1/7300. Map distributions notoriously describe the machine you are using, in significant detail. You can also guess what type of system a person has by what newsgroups that person is active in.

Other 3b1 utilities make it easier for a security breach as well, without having to go through much difficulty. Have you passworded your "install" login? Even someone who is completely scared off by 'root' can work around 'install' quite easily.

I once watched someone diligently attempt to break into my machine via install... Oh, pity the wasted time of the poor fool... :-)

It is a mistake to assume that a security breach will immediately come from a direct route.

--
________Robert J. Granvin________   INTERNET: rjg@sialis.mn.org
____National Computer Systems____   CONFUSED: rjg%sialis.mn.org@shamash.cdc.com
__National Information Services__   UUCP: ...uunet!rosevax!sialis!rjg
"Exxon: Our gasoline contains no sea water"
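
A defender's check for the two conditions raised in this thread (a world-writable / and a login with no password), as an added example that is not part of any post. The function names and sample data are constructed, and the passwd file is assumed to carry the password hash in field 2.

```shell
#!/bin/sh
# Added example: audit for the two misconfigurations raised in the thread.
# Function names and the sample data are constructed for illustration.

# Print the directory if "other" may write to it and the sticky bit is unset.
# A directory's write bit governs who may create, remove or rename its entries.
world_writable_dir() {
    find "$1" -prune -type d -perm -0002 ! -perm -1000 -print 2>/dev/null
}

# Print logins whose password field (field 2) is empty. Assumes passwd(4)
# format with the hash in field 2; on shadow-password systems point it at
# the shadow file, which keeps the same first two fields.
empty_password_logins() {
    awk -F: '$1 != "" && $1 !~ /^#/ && $2 == "" { print $1 }' "$1"
}

# audit PASSWD_FILE DIR...  -> prints findings, returns the number of findings
audit() {
    pw=$1; shift; n=0
    for d in "$@"; do
        if [ -n "$(world_writable_dir "$d")" ]; then
            echo "WORLD-WRITABLE: $d"; n=$((n + 1))
        fi
    done
    for u in $(empty_password_logins "$pw"); do
        echo "NO PASSWORD: $u"; n=$((n + 1))
    done
    return "$n"
}

# Constructed sample: scratch directories standing in for / and /tmp, plus a
# passwd file with made-up entries (the uids and hash are placeholders).
make_sample() {
    s=$(mktemp -d) || return 1
    mkdir "$s/root777" "$s/root755" "$s/tmp1777"
    chmod 777 "$s/root777"; chmod 755 "$s/root755"; chmod 1777 "$s/tmp1777"
    printf '%s\n' 'root:aB3xYz9QwErTy:0:0::/:/bin/sh' \
        'install::101:100::/:/bin/sh' 'guest:*:102:100::/u/guest:/bin/sh' > "$s/passwd"
    echo "$s"
}

if [ "${1:-}" = "--demo" ]; then
    s=$(make_sample) && { audit "$s/passwd" "$s"/root777 "$s"/root755 "$s"/tmp1777 || true; }
    rm -rf "$s"
fi
```

On a real system the call would be `audit /etc/passwd / /etc /bin /usr`; the sticky-bit test keeps a correctly configured 1777 /tmp from being reported.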