[comp.unix.admin] SECURITY Concerns for Unix systems

bob@reed.UUCP (Bob Ankeney) (04/10/91)

     A recently posted program brings up a common security problem with Unix
systems - that of read permissions on disk devices in /dev.  The posted program
allows files to be read from any filesystem with read permission to the user.
The filesystem need not be mounted.  Now might be a good time to check
permissions on your system!
     Speaking of permissions, I've noticed a number of Unix systems with mode
777 on the root directory!  This is an easy in for anyone wanting super-user
access.  I've noticed this on both AT&T and NCR unix boxes.


----------------------------------------------------------------------
Bob Ankeney                    | "Yield and overcome.                |
...!tektronix!reed!bob         |  Bend and be straight.              |
...!tektronix!bob@reed.BITNET  |  Empty and be full."    - Lao Tzu   |
----------------------------------------------------------------------

bambi@kirk.nmg.bu.oz.au (David J. Hughes) (04/12/91)

From article <16313@reed.UUCP>, by bob@reed.UUCP (Bob Ankeney):
>      Speaking of permissions, I've noticed a number of Unix systems with mode
> 777 on the root directory!  This is an easy in for anyone wanting super-user
> access.  I've noticed this on both AT&T and NCR unix boxes.

I have also seen this on Suns running pre-4.x SunOS.  There may be a
Sun in a back room somewhere that is a host for anyone wanting root
access.


David
+----------------------------------------------------------------------------+
| David J. Hughes   (AKA bambi)	 |   bambi@kirk.bu.oz.au                     |
| Senior Systems Programmer	 |   bambi@kirk.bu.oz.au@uunet.uu.net        |
| Comms Development & Operations |   ..!uunet!munnari!kirk.bu.oz.au!bambi    |
| Bond University, Gold Coast    |   Phone : +61 75 951450                   |
| Queensland,  Australia  4229   |   Fax :   +61 75 951456                   |
+----------------------------------------------------------------------------+

navarra@casbah.acns.nwu.edu (John 'tms' Navarra) (04/12/91)

In article <2952@kirk.nmg.bu.oz.au> bambi@kirk.nmg.bu.oz.au (David J. Hughes) writes:
>From article <16313@reed.UUCP>, by bob@reed.UUCP (Bob Ankeney):
>>      Speaking of permissions, I've noticed a number of Unix systems with mode
>> 777 on the root directory!  This is an easy in for anyone wanting super-user
>> access.  I've noticed this on both AT&T and NCR unix boxes.
>
>I have also seen this on Suns running pre-4.x SunOS.  There may be a
>Sun in a back room somewhere that is a host for anyone wanting root
>access.

           SUN!!!!!! They ship their Unix with /etc/hosts.equiv with a + !!
 
     making it possible for ALL machines to have root privs on the thing!!!
     now how hard is it to take that out? Sounds pretty damn stupid to me.

     Not to mention all the other security holes they leave in --and don't
     tell you about!




-- 
From the Lab of the MaD ScIenTiST:
      
navarra@casbah.acns.nwu.edu

ssd@engr.ucf.edu (Steven S. Dick) (04/13/91)

>  Not to mention all the other security holes they leave in --and don't
>  tell you about!

My favorite is the chmod 666 /etc/motd that is in /etc/rc.local...
I WONDERED where those silly messages in /etc/motd were coming from!!

Steve
ssd@engr.ucf.edu
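
The checks this thread calls for, as an added example that is not part of any post: a read-only shell audit for world-readable disk devices under /dev, a world-writable root directory, a bare + in /etc/hosts.equiv, and a world-writable /etc/motd together with the chmod 666 line in /etc/rc.local. The function names and the root-prefix argument are assumptions made for the example.

```shell
#!/bin/sh
# Read-only audit of the misconfigurations named in this thread.
# Every check takes a root prefix ("" for the live system) so it can also be
# pointed at a mounted image or a constructed test tree.

# True if the path (symlinks followed) is writable by "other".
world_writable() {
    [ -n "$(find -L "$1" -prune -perm -002 -print 2>/dev/null)" ]
}

# Block devices readable by "other": anyone can read the raw filesystem.
# Raw (character) disk nodes are named per vendor and are not covered here.
check_disk_devs() {
    [ -d "$1/dev" ] || return 0
    find "$1/dev" -type b -perm -004 -print 2>/dev/null |
        sed 's/^/FINDING: world-readable disk device /'
}

# Mode 777 on the root directory lets any user rename or replace /etc, /bin...
check_root_dir() {
    if world_writable "$1/"; then
        echo "FINDING: ${1:-/} is world-writable"
    fi
}

# A line whose first field is a bare "+" trusts every remote host.
check_hosts_equiv() {
    [ -f "$1/etc/hosts.equiv" ] || return 0
    awk '$1 == "+" { print "FINDING: " FILENAME ":" NR " trusts every host (+)" }' \
        "$1/etc/hosts.equiv"
}

# World-writable motd, and the boot script line that re-opens it at startup.
check_motd() {
    if world_writable "$1/etc/motd"; then
        echo "FINDING: $1/etc/motd is world-writable"
    fi
    [ -f "$1/etc/rc.local" ] || return 0
    awk '/chmod.*666.*\/etc\/motd/ { print "FINDING: " FILENAME ":" NR ": " $0 }' \
        "$1/etc/rc.local"
}

audit() {
    r=${1%/}    # "/" becomes "", so paths are built as "$r/etc/..."
    check_disk_devs "$r"; check_root_dir "$r"
    check_hosts_equiv "$r"; check_motd "$r"
}

# Run only when a root is given, e.g.:  sh audit.sh /
if [ "$#" -gt 0 ]; then audit "$1"; fi
```
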