Bugtraq mailing list archives
Re: Paranoid? Running SSHD as normal users. (rethink)
From: eparker () MINDSEC COM (Erik Parker)
Date: Fri, 6 Aug 1999 13:29:27 -0600
pc () cyclotron bombshelter net pointed out to me:
This could be good.. But this could be bad. Running on a system with out the shadow password suite, then this would work very easily, running on a machine with a shadow password suite, it would atleast require the shadow file to be group writeable to the GID you run the program as. Which in most cases, shadow passwords are never readable to a regular users group, otherwise what is the point of the shadow suite?
require the shadow file to be group READABLE.. Which again, it never should be group readable to average users. However a lot of machines have a group readable program, for programs like xlock, and other ones that don't need to run as root, but do need to read that file.
The good: If SSH had a remote BO, the only thing compromised is anything in the group that /etc/shadow was r+w by.
And another mistake, obviously, if the shadow file is r+w to the person who compromised it, they own the entire box. I don't know how I overlooked that statement. I meant g+r, so its group readable.. And as Alan cox pointed out.. It might mean more trouble for the user logged in that way, if it was being used in a legitimate way.. Because whoever owned the tty they are sitting on, could easily write to their term. Erik Parker eparker () mindsec com
Current thread:
- chflags() [heads up] Adam Morrison (Aug 01)
- Re: chflags() [heads up] Eivind Eklund (Aug 03)
- Microsoft ask users to crack win2000 site Peter Lowe (Aug 03)
- vlock + magic SysRQ key Luis M. Cruz (Aug 04)
- Re: vlock + magic SysRQ key Pavel Machek (Dec 31)
- Paranoid? Running SSHD as normal users. Erik Parker (Aug 04)
- Re: Paranoid? Running SSHD as normal users. (rethink) Erik Parker (Aug 06)
- Administrivia Elias Levy (Aug 09)
- Re: Microsoft ask users to crack win2000 site j nazario (Aug 05)
- Re: Microsoft ask users to crack win2000 site John Horn (Aug 05)
- Re: Microsoft ask users to crack win2000 site Ray Barnes (Aug 06)
- vlock + magic SysRQ key Luis M. Cruz (Aug 04)