[1099] in linux-security and linux-alert archive
[linux-security] Suid Programs / Help Wanted
daemon@ATHENA.MIT.EDU (Net-Thing Security)
Tue Aug 27 18:05:55 1996
Date: Tue, 27 Aug 1996 00:53:10 -0400 (EDT)
From: Net-Thing Security <security@shell.net-thing.net>
To: linux-security@tarsier.cv.nrao.edu
With all the problems about Suid programs, I just -s all but 3 of
them like sendmail none of my 300 users even noticed. So why does everyone
else seem to need them Suid?
If someone needs Suid programs how about some home made wrapper
program or script that runs them in a secure manner? would that work?
I have a question unrelated:
Is there anyway to tell if a logged in user has a Euid=0 shell but
everything else is the same as his normal login. If there is how about a
daemon that checks users and freezes the login of any euiders=0 or ones
that get to uid=0 shell and add their ip to hosts.deny. How about a
automatic expert security program that keeps a watch over all logins.
[REW: csh-variants detect this case, print "Permission denied." and exit.
You could add this check to your /bin/sh. You have the source.]
Another Question:
Is there a bug in the slackware 1.2.13 login that can let an intruder
get a root shell even with no valid login account? If so where is the fix
located. Who keeps the FAQ for this list.
[REW: Those bugs are rarely in "login". It is very unlikely that you
have "Slackware 1.2.13". What slackware? Install the most recent
net-kit anyway, this fixes around half a dozen holes.]
Help Wanted:
Wanted security consultant anyone reading this that knows all
past and present Slackware bugs/holes and possibly Irix 5.3 exploits reply
with hourly rate and experience. Thanks.
Thanks for any info jeff@net-thing.net
Jeffrey M. Drum, Computer monitor electronics repair specialist.