[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-developers] PING CMD & SECURITY
- Subject: Re: [cobalt-developers] PING CMD & SECURITY
- From: Albert Croft <acroft@xxxxxxxxxxxxxxxx>
- Date: Fri Aug 31 00:42:21 2001
- List-id: Discussion Forum for developers on Sun Cobalt Networks products <cobalt-developers.list.cobalt.com>
Someone else may know for sure, but my guess is because of the
creation/use of ICMP packets by the ping program, which could
conceivably be used in a nefarious way. The Net::Ping module for perl
does similarly, requiring a program to be setuid root or run by root if
you perform pings using the ICMP protocol.
Date: Thu, 30 Aug 2001 18:13:01 +0200
From: Peter Prochazka <prochazka@xxxxxx>
Organization: BGS a.s.
To: cobalt-developers@xxxxxxxxxxxxxxx
Subject: Re: [cobalt-developers] PING CMD & SECURITY
Reply-To: cobalt-developers@xxxxxxxxxxxxxxx
KAMRY wrote:
Would a security whole exist if I enable ping cmd for users other than
root!!
Why Cobalt is restricting it to root?!!
Kal
I don't where is problem
---------- Snip ------------------
[root /root]# hostname
qube.bgs.sk
[root /root]# id
uid=0(root) gid=0(root)
groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
[root /root]# ping fornax.sk
PING fornax.sk (147.175.111.112): 56 data bytes
64 bytes from 147.175.111.112: icmp_seq=0 ttl=251 time=46.9 ms
64 bytes from 147.175.111.112: icmp_seq=1 ttl=251 time=45.1 ms
[prochazka prochazka]$ hostname
qube.bgs.sk
[prochazka prochazka]$ id
uid=502(prochazka) gid=100(users)
groups=100(users),500(home),501(guest-share),502(restore)
[prochazka prochazka]$ ping fornax.sk
PING fornax.sk (147.175.111.112): 56 data bytes
64 bytes from 147.175.111.112: icmp_seq=0 ttl=251 time=45.0 ms
64 bytes from 147.175.111.112: icmp_seq=1 ttl=251 time=47.0 ms
--- fornax.sk ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 45.0/46.0/47.0 ms
[prochazka prochazka]$
--- fornax.sk ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 45.1/46.0/46.9 ms
[root /root]#
---------- snap -------------------
I thint it isn't problem with your qube.
I have Qube 3 Profesional with Carmel 6.2
Mamut
--
-Albert Croft
-----
Current (electronic) contact information
Email: acroft@xxxxxxxxxxxxxxxx
WWW: http://www.tyler.net/acroft