[22531] in bugtraq
Re: S/Key keyinit(1) authentication (lack thereof) + sudo(1)
daemon@ATHENA.MIT.EDU (Frank Tobin)
Wed Sep 5 02:29:31 2001
Date: Tue, 4 Sep 2001 17:06:32 -0500 (CDT)
From: Frank Tobin <ftobin@neverending.org>
To: Wietse Venema <wietse@porcupine.org>
Cc: <bugtraq@securityfocus.com>
In-Reply-To: <20010904144839.53239BC06C@spike.porcupine.org>
Message-ID: <Pine.BSF.4.33.0109041703110.39912-100000@palanthas.neverending.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Wietse Venema, at 10:48 -0400 on Tue, 4 Sep 2001, wrote:
If an operator leaves his/her terminal unattended, then a miscreant
can plant any number of trojan horses to gain future root access.
However, trojans can theoretically be avoided given the right
user-environment setup. They also require action to be taken by the
victim, which increases the time it takes to execute the attack. The
attack I describe is not a trojan, and needs no vicitim action.
The importance of needing user action is important, because increasing the
length of time from the start of the attack to the finish of it increases
the possibility of the trojan being detected by some means.
--
Frank Tobin http://www.neverending.org/~ftobin/
