Penetration Testing mailing list archives
Re: Subverting eTrust Access Control on UNIX (file execution)
From: Tim Brown <tmb () 65535 com>
Date: Wed, 10 Dec 2008 16:39:16 +0000
On Wednesday 10 December 2008 16:30:30 arvind doraiswamy wrote:
> Well .. Not totally related to this. All the same you'd need to gain access to the system some way (vuln, open share, webdav, default password, ftp, whatever) before you'd think of uploading binaries. Unless you already gained access to those folders. And if you've got as much access as that .. you would probably just be able to turn things off itself or drop a rootkit in there as a POC. Just another way of thinking - You might not need to bypass at all.
Not necessarily true, AC doesn't use OS privileges when authorising/denying access. One purpose of it is to neuter OS level accounts. For example, using AC I could remove all privileges from the root user and reassign them to someone else.

That being said, disabling it is a valid point. "secons -s" is your friend in this regard *assuming* you have access to an account that is defined as an AC admin in the local policy being enforced.

Tim
--
Tim Brown
<mailto:tmb () 65535 com>
Current thread:
- Subverting eTrust Access Control on UNIX (file execution) RexRufi (Dec 07)
- Re: Subverting eTrust Access Control on UNIX (file execution) Tim Brown (Dec 08)
- Re: Subverting eTrust Access Control on UNIX (file execution) arvind doraiswamy (Dec 10)
- Re: Subverting eTrust Access Control on UNIX (file execution) Tim Brown (Dec 10)
- Re: Subverting eTrust Access Control on UNIX (file execution) arvind doraiswamy (Dec 10)
- Re: Subverting eTrust Access Control on UNIX (file execution) Tim Brown (Dec 08)