Re: Kill the DOG and win 100 000 DM

[ratz <ratz () TAC CH>]

Hi Stany,

//Stany wrote:
> > root doesn't actually have any privileges on a Pitbull system.. he's
> > just a normal user (out of the box..)
>
> Actually that's not strictly true either - root user has enough
> priviledges to allow the system to boot on power on (not the OBP security
> levels, but the  PB authentication to let system finish booting up), but
> that's about it, yes.

I'm afraid Stany, but he's right. root, if not explicitly given so
has no authorization to boot the system up. It's a normal user without
any specific authorizations nor privileges. I agree with you if you
refer to SO or ISSO by saying root but you should clearly distinguish
between the 'super user' ISSO, SO and SA and in your case the user root.
If you don't believe me ;), read the orange book on specification about
defining different superusers for different system tasks or read the tfm
(trusted facility manual) from argus. IMHO if you can boot up the system
with the user root you did a very dangerous misconfiguration on a b1-system.

I recently started working quite indepth with argus b1-systems and I've
got a test license for .comPack MU4 for Solaris 2.7 and installed this
system on two machines and since then I'm constantly trying out to
compromise them in some way.

> > ..if anyone would like Jeff Thompsons talk from Defcon 7 on "Hacking B1
> > Trusted Operating Systems", send me an email and I'll put it up somewhere.
>
> Sure, please.   Knowledge is power, and all that...

I was already thinking of writing some article about the argus b1-security
system for some magazins like sysadmin or phrack ;) But I first have to get
more familiar with it and to deploy the wonderful SDK from argus to write
secure applications.

Best regards and have phun trying to hack the system. They will fail
like at Defcon 7,
Roberto Nibali, ratz

--
mailto: `echo NrOatSz () tPacA cMh | sed 's/[NOSPAM]//g'`