Re: Security risk with powermanagemnet on Solaris 2.6

[casper () HOLLAND SUN COM (Casper Dik)]

> > Recently we found a security risk caused by powermanagement on Solaris
> > 2.6. I am pretty sure that it exists on Solaris 2.5 too, though I
> > haven't tested it.

> Come to think of it I think I saw that exact behaviour in 2.5 too.

Ever since power management was first supported, in 2.4.

> > I haven't found a bugdescription or patch from sun. The only workaround
> > is not to use Powermanagement with a desktop. But who is using
> > powermanagement anyway?

Not many people until 2.6, when it became part of the standard OS.

> I've been usin powermanager on my sparc at home for 2-3 years now. Very
> useful when you want to switch off the noise without having to close all
> the applications.

Same here.

> I have another interesting aspect of Powermanager. In solaris 2.6
> powermanager is now installed by default including the setuid program
> usr/openwin/bin/sys-suspend which can be used by any user to suspend the
> machine and turn off the power. I think this is scary...

sys-suspend can be disabled using its configuration files.

BTW, the workaround for the type to xlock problem would be:

        xlock & sleep 2 ; sys-suspend -xfn


The actual problem is that xlock gets started after sys-suspend resumes;
it should be started before hand.

Casper