Re: [cobalt-developers] AWStats
- Subject: Re: [cobalt-developers] AWStats
- From: "Zeffie" <cobaltlist@xxxxxxxx>
- Date: Tue Aug 20 06:08:24 2002
- List-id: Discussion Forum for developers on Sun Cobalt Networks products <cobalt-developers.list.cobalt.com>
> So saying using /bin/su over su due to security issues is a little off
> track. I understand your point, but really by the time they can put a
> trojan version on your machine you are already sool. So at that point
> you must ask yourself, can they only affect that user, or all?
> William L. Thomson Jr.
Not true.
our path (raq4)
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/sbin:/usr/sbin:/usr/local/bin:/usr/local/sbin
Let's say someone finds/makes a hole in one of our services that run as root
or even the command "passwd" and all they can do is make a file... they
cannot overwrite for whatever reason... now... all they have to do is make
that file in /usr/local/sbin or /usr/local/bin or /sbin and call it su.
Next time you "su" and depend on the path... you send the passwd out in the
mail. And you think you're locked out... hey ... no root for you... (until
you run the real /bin/su) and shortly you will have visitors... with root
access.
HTH
Zeffie
http://www.zeffie.com/
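
An added example, not part of the original message: a POSIX shell check for the search-order problem described above, listing anything that would be found before a trusted directory such as /bin. The names audit_path and demo are made up here, the sample tree is constructed, and the RELATIVE and WRITABLE checks go beyond the scenario in the post.

```shell
#!/bin/sh
# audit_path CMD TRUSTED_DIR [PATH_STRING]   (hypothetical helper, added example)
# Walks PATH_STRING (default: $PATH) in search order and stops at TRUSTED_DIR.
# For every directory searched earlier it prints one finding per line:
#   SHADOW <file>   an executable named CMD would be found before the trusted copy
#   RELATIVE <dir>  empty or non-absolute entry, resolved against the current dir
#   WRITABLE <dir>  world-writable directory, any local user can create CMD there
# Returns 0 when nothing was found, 1 otherwise.
audit_path() {
    cmd=$1 trusted=${2%/} rest=${3-$PATH}:
    findings=0
    while [ -n "$rest" ]; do
        dir=${rest%%:*}; rest=${rest#*:}      # peel off one entry, keep empties
        [ "${dir%/}" = "$trusted" ] && break  # entries from here on are searched later
        case $dir in
            /*) ;;
            *)  echo "RELATIVE ${dir:-.}"; findings=1 ;;
        esac
        d=${dir:-.}
        if [ -f "$d/$cmd" ] && [ -x "$d/$cmd" ]; then
            echo "SHADOW $d/$cmd"; findings=1
        fi
        case $(ls -ldL "$d" 2>/dev/null) in
            d???????w*) echo "WRITABLE $d"; findings=1 ;;
        esac
    done
    [ "$findings" -eq 0 ]
}

# Constructed sample: a scratch tree ordered like the first entries of the PATH
# quoted in the post, with an empty stand-in file named su ahead of bin/su.
demo() {
    root=$(mktemp -d) || return 2
    mkdir -p "$root/usr/local/sbin" "$root/usr/local/bin" "$root/sbin" "$root/bin"
    : > "$root/bin/su";            chmod 755 "$root/bin/su"
    : > "$root/usr/local/sbin/su"; chmod 755 "$root/usr/local/sbin/su"
    status=0
    audit_path su "$root/bin" \
        "$root/usr/local/sbin:$root/usr/local/bin:$root/sbin:$root/bin" || status=$?
    rm -rf "$root"
    return "$status"
}

demo || echo "findings reported for the sample tree"
```

On a real host the call would be `audit_path su /bin`, which reads the live $PATH.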