[1535] in linux-security and linux-alert archive
[linux-security] Re: Re: Yet Another DIP Exploit?
daemon@ATHENA.MIT.EDU (Uri Blumenthal)
Tue May 6 06:38:17 1997
From: Uri Blumenthal <uri@watson.ibm.com>
To: linux-security@redhat.com
Date: Mon, 5 May 1997 23:14:17 -0400 (EDT)
In-Reply-To: <m0wOMgm-000HTFC@monad.swb.de> from "Olaf Kirch" at May 5, 97 02:16:20 pm
Reply-To: uri@watson.ibm.com
Resent-From: linux-security@redhat.com
Olaf Kirch says:
> Making dip setuid root creates problems other than buffer overruns etc.
making DIP set-uid root does *not* create buffer overrun problems,
which were fixed long time ago.
> I for one would not allow my users to mess with my routing table.
That's your policy. It's up to your users to appreciate or hate it.
> I can see two reasons for making dip setuid root:
> * Permit SLIP logins. Easily solved by using sliplogin, which is
> more flexible anyway, IMHO.
Nobody forces anybody to use DIP for any purpose.
> * Allow users to initiate a SLIP connection. If you really want this,
> either use diald, write a setuid wrapper for dip that calls it
> with the appropriate script, or make dip check that the script
> file is owned by root. Any of these avoid the entire security
> circus altogether. A patch for the latter solution is appended
> below.
Your proposal might work. However, by this time I got a few
good suggestions how to correct the problem.
A new release of DIP is expected within 4 weeks.
--
Regards,
Uri uri@watson.ibm.com
-=-=-=-=-=-=-
<Disclaimer>