RE: Root usage and applications

["Kain, Becki (B.)" <bkain1 () ford com>]

What, if any, exploits have been shown for the decendant of HPOV, IBM
Tivoli Netview, which also runs as root?

Tia!

-Becki Kain


-----Original Message-----
From: Barrie Dempster [mailto:barrie () reboot-robot net] 
Sent: Wednesday, November 16, 2005 5:43 AM
To: Keenan Smith
Cc: security-basics () securityfocus com
Subject: Re: Root usage and applications


On Fri, 2005-11-11 at 10:35 -0500, Keenan Smith wrote:

> Since an application like OpenView is required to be available from 
> every node in a network, running it as root seems to me like a pretty 
> big vulnerability, if someone were to identify a hole and exploit it.

To begin with we have Precedent:

http://www.ngssoftware.com/advisories/hpovrma.txt
http://itrc.hp.com/service/cki/docDisplay.do?docId=HPSBMA01138

So this is not a "what if" situation.