Bugtraq mailing list archives
Re: S/Key keyinit(1) authentication (lack thereof) + sudo(1)
From: wietse () porcupine org (Wietse Venema)
Date: Tue, 4 Sep 2001 10:48:39 -0400 (EDT)
If an operator leaves his/her terminal unattended, then a miscreant can plant any number of trojan horses to gain future root access. The possibilities for getting future root access are not limited to skeyinit + sudo. To begin with, any trojan horse will suffice that captures the operator's plain-text password. Then there are cron and at, which give the equivalent of operator terminal access. Therefore, adding a password challenge to skeyinit is not sufficient. The fix, at least for today's versions of FreeBSD, is for operators not to leave their terminal unattended. Wietse Frank Tobin:
Summary: keyinit(1)'s lack of authentication creates severe authentication issues, especially when used in combination with programs such as sudo(1). Affected Systems: FreeBSD-stable (older?), and other systems that use S/Key, especially in combination with sudo(1) Solution Summary: Disable S/Key in favor of OPIE or patch keyinit(1) to require authentication or do not use sudo(1) History: I brought up this matter a few years ago on freebsd-security (http://www.freebsd.org/cgi/getmsg.cgi?fetch=430991+433795+/usr/local/www/db/text/1999/freebsd-security/19990926.freebsd-security), with no response, but at the behest of others during a demonstration I gave recently, I'm prompted to bring this up again.
Current thread:
- S/Key keyinit(1) authentication (lack thereof) + sudo(1) Frank Tobin (Sep 02)
- Re: S/Key keyinit(1) authentication (lack thereof) + sudo(1) Derek Martin (Sep 03)
- Re: S/Key keyinit(1) authentication (lack thereof) + sudo(1) Wietse Venema (Sep 04)
- Re: S/Key keyinit(1) authentication (lack thereof) + sudo(1) Frank Tobin (Sep 04)