[3400] in bugtraq
Re: Vulnerability in HP sysdiag??? and securetty - clarification
daemon@ATHENA.MIT.EDU (Nicolas J. Hammond)
Thu Sep 26 16:31:29 1996
Date: Thu, 26 Sep 1996 06:09:26 -0400
Reply-To: "Nicolas J. Hammond" <njhm@ns.njh.com>
From: "Nicolas J. Hammond" <njhm@ns.njh.com>
X-To: Todd_Beebe@exchng1.gallup.com
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG>
In-Reply-To: <c=US%a=_%p=GALLUP%l=EXCHNG1-960926025334Z-4178@exchng1.gallup.com> from "Beebe, Todd" at "Sep 25,
96 09:53:34 pm"
Beebe, Todd wrote ...
> Funny thing..
>
> [...]
> annoying password.
>
> On a side note, if there are any SysAdmins out there using the
> /etc/securetty file as a means to disallow direct root login, don't. It
> also
> has a "bug" that HP support never gave me a answer for. If you
> use xterm to login to your server it doesn't use the /etc/securetty file
> so the tty is not secure, you can get a direct login as root without
> any changes to the system. I thought somewhere within C2 specifications
> it talked about disallowing direct root login....
This is not in the C2 requirements of the "Orange Book"
(the book that defines security class requirements)
--
Nicolas Hammond NJH Security Consulting, Inc.
njhm@njh.com 211 East Wesley Road
404 262 1633 Atlanta
404 812 1984 (Fax) GA 30305-3774
