[850] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

Re: [linux-security] standard users,grou

daemon@ATHENA.MIT.EDU (rdm@tad.micro.umn.edu)
Tue Jun 25 17:59:28 1996

From: rdm@tad.micro.umn.edu
Date: 24 Jun 1996 22:08:32 -0000
To: linux-security@tarsier.cv.nrao.edu

I'm going to keep this brief.  I missed that the original request was
only for /bin/passwd access, not general sudo access.  My fault.

However, some of the replies indicate a distinct lack of thought about
some of the issues of administering a secure system.  I'd like to
encourage a bit more thought.  [Please think.]

In particular, consider a laptop with
root:*:0:0:root:/:/bin/sh
in /etc/passwd, and
27:23:respawn:/bin/open -c 27 -l -w -- /bin/bash
28:23:respawn:/bin/open -c 28 -l -w -- /bin/bash
29:23:respawn:/bin/open -c 29 -l -w -- /bin/bash
in /etc/inittab, and the keyboard remapped to put those vts somewhere
personal (e.g. control right-alt capslock =).  In particular, think
about how hard it is to crack the root password...

Another "passwordless" configuration to consider replaces some
instances of /bin/bash with su -l (and some normal user id).

Also, note that on this kind of machine a screen/keyboard lock
mechanism is likely to be far more useful than the classic login
mechanism.  If you're really paranoid, you'd lock the screen before
starting any sessions.  A lock that leaves the session in place 
is likely to be more useful than a lock that is only good when you
toss your session -- except maybe for those people who have configured
their machines such that there's next to no time to set up a useful
session.

Note: remote access is another issue entirely.

In terms of real security, multi-user systems aren't very effective.
[They're quite useful in their own right, but never mistake security
on a multi-user system for real security.  For purposes of discussion,
the internet is as much an example of a multi-user system as a classic
timesharing host is.]

However, remote access can become much more secure if you have
complete control over the machines at both ends.

-- 
Raul

home help back first fref pref prev next nref lref last post