[1099] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

[linux-security] Suid Programs / Help Wanted

daemon@ATHENA.MIT.EDU (Net-Thing Security)
Tue Aug 27 18:05:55 1996

Date: Tue, 27 Aug 1996 00:53:10 -0400 (EDT)
From: Net-Thing Security <security@shell.net-thing.net>
To: linux-security@tarsier.cv.nrao.edu

 With all the problems about Suid programs, I just -s all but 3 of 
them like sendmail none of my 300 users even noticed. So why does everyone
else seem to need them Suid?
 If someone needs Suid programs how about some home made wrapper 
program or script that runs them in a secure manner? would that work?

I have a question unrelated:

Is there anyway to tell if a logged in user has a Euid=0 shell but 
everything else is the same as his normal login. If there is how about a
 daemon that checks users and freezes the login of any euiders=0 or ones 
that get to uid=0 shell and add their ip to hosts.deny. How about a 
automatic expert security program that keeps a watch over all logins.

[REW: csh-variants detect this case, print "Permission denied." and exit.
You could add this check to your /bin/sh. You have the source.]

Another Question: 

Is there a bug in the slackware 1.2.13 login that can let an intruder 
get a root shell even with no valid login account? If so where is the fix 
located. Who keeps the FAQ for this list.

[REW: Those bugs are rarely in "login". It is very unlikely that you
have "Slackware 1.2.13". What slackware? Install the most recent
net-kit anyway, this fixes around half a dozen holes.]

Help Wanted:

Wanted security consultant anyone reading this that knows all 
past and present Slackware bugs/holes and possibly Irix 5.3 exploits reply
with hourly rate and experience. Thanks. 

 
Thanks for any info  jeff@net-thing.net

Jeffrey M. Drum, Computer monitor electronics repair specialist.

home help back first fref pref prev next nref lref last post