[202] in linux-security and linux-alert archive
Serious security hole: log files
daemon@ATHENA.MIT.EDU (Belikoff Alexander)
Tue Apr 11 04:04:30 1995
From: Belikoff Alexander <abel@wisdom.weizmann.ac.il>
Date: Sun, 9 Apr 1995 15:02:08 GMT
To: linux-security@tarsier.cv.nrao.edu
Hi everybody,
I would like to mention a serious (in my mind) security hole in the
logging system.
As I noticed, the sysklogd package creates log files with world-read
permissions. Now suppose the following: you type your password at the
login prompt (it *does* happen sometimes, whether you want it or not).
As usual, your log file will contain the message of the following
kind:
... login failed for user 'my_very_secure_password'
Now suppose the ill-minded guy, reading your log file...
The best solution is, probably, to set /usr/adm perms to 700.
abel
-- /v^v^v^v^v^v^v^v^v^v^v^v^v^v^v^v^v^v^v^v^v^\
Alexander L. Belikoff |o ... o|
(abel@wisdom.weizmann.ac.il) |o 3314 signal(SIG_CTHULHU, fhtagn); o|
|o 3315 pause(); o|
Berger Financial Research, Ltd. |o ... o|
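
An added example, not part of the original message: a shell audit that lists the log files users outside the owner and group can actually open, and shows why mode 700 on the log directory closes the exposure even when the files themselves stay world-readable. The function names `exposed_logs` and `demo` are hypothetical, and the temporary tree is a constructed stand-in for /usr/adm.

```shell
#!/bin/sh
# Added example (not from the original post).

# exposed_logs DIR
# Prints every regular file under DIR that has the world-read bit set,
# skipping any directory that lacks the world-search (o+x) bit: nothing
# below such a directory can be opened by "other", whatever the file
# modes are. Only DIR and its subdirectories are checked, not DIR's
# ancestors.
exposed_logs() {
    find "$1" \( -type d ! -perm -001 -prune \) -o \
              \( -type f -perm -004 -print \) | sort
}

# demo: builds a constructed sample tree standing in for /usr/adm and
# runs the audit before and after the chmod 700 proposed in the post.
demo() {
    d=$(mktemp -d) || return 1
    mkdir "$d/adm"
    chmod 755 "$d/adm"
    # Constructed log line of the kind quoted in the post.
    echo "login failed for user 'my_very_secure_password'" > "$d/adm/messages"
    chmod 644 "$d/adm/messages"      # world-readable, as the post describes
    : > "$d/adm/secure"
    chmod 600 "$d/adm/secure"        # owner-only file, never reported
    echo "before chmod 700:"
    exposed_logs "$d/adm"
    chmod 700 "$d/adm"
    echo "after chmod 700:"
    exposed_logs "$d/adm"
    rm -rf "$d"
}

demo
```

Run `exposed_logs` against the real log directory as root, so that `find` can descend into directories that are already restricted.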