[764] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

Re: [linux-security] standard users,groups,perms?

daemon@ATHENA.MIT.EDU (Squawk)
Mon Jun 10 14:32:27 1996

Date: Fri, 7 Jun 1996 08:57:30 -0400 (EDT)
From: Squawk <discodan@vampire.org>
To: Richard Black <Richard.Black@cl.cam.ac.uk>
cc: "Jeffrey J. Radice" <jjr@zilker.net>, linux-security@tarsier.cv.nrao.edu,
        Richard.Black@cl.cam.ac.uk
In-Reply-To: <E0uRel9-0004BI-00@heaton.cl.cam.ac.uk>



On Thu, 6 Jun 1996, Richard Black wrote:

> 
> At this site we integrate a large number of linux boxes with a large number of 
> other machines from very many other vendors.
> 
> Our experience is that some of the user / group assumptions on linux are 
> irritating, probably derived from the fact that many of the linux community 
> appear to manage their machines locally where the user is the administrator 
> and the machine is isolated. Witnes (for example) the very long time for which 
> the password entries in /etc/passwd were not encrypted correctly for 
> alpha_linux (a 64bit problem) and it wasnt noticed!!
> 

not that many people have alpha_linux up and running. I think its safe to 
say that the majority of linux users are home users, with PC's. It's 
pretty difficult to notice problems if you have a limited users group





> Another is that roots home directory is not the root of the filesystem. This 
> is the very first thing we have to fix on any linux installation - its 
> complete brain damage. If you have automatic systems installing and updating 
> remotely using rsh etc on many different systems some of which have different 
> partitioning information and different partitions served r/o from different 
> places etc, you must be in a position to be able to use rsh and rdist with 
> root-relative paths.

The old addage "you get what you pay for" comes to mind.


for a free, stable, powerful operating system i'd spend the 30 seconds 
rditing /etc/passwd (and all related files) to make roots homedir where I 
want it..

while the user/group system may seem odd to you, i've noticed big 
differences in all flavors of unix about the user group differences.. I 
wouldn't consider this a TRUE security problem (though it may cause you 
security problems down the road, you have to be really careful), instead 
i'd consider it an inconvienience.. 

-Dan

home help back first fref pref prev next nref lref last post