[4783] in bugtraq
Re: Fun with devices [was: Re: /dev/tcx0 crashes SunOS 4.1.4 on
daemon@ATHENA.MIT.EDU (Brad Powell)
Tue Jun 24 19:45:24 1997
Date: Tue, 24 Jun 1997 08:31:36 -0700
Reply-To: Brad Powell <brad.powell@WEST.SUN.COM>
From: Brad Powell <brad.powell@WEST.SUN.COM>
X-To: yes@LUDD.LUTH.SE
To: BUGTRAQ@NETSPACE.ORG
>From yes@LUDD.LUTH.SE Tue Jun 24 07:49:18 1997
E>
>Subject: Re: Fun with devices [was: Re: /dev/tcx0 crashes SunOS 4.1.4 on
> Sparc 20's]
>X-To: Tobias Walkowiak <walko@CADLAB.TU-BERLIN.DE>
>To: BUGTRAQ@NETSPACE.ORG
/Stahre writes:
>Then you will have to login and leave a nice entry in the log. It is
>"better" to
>
> rcp /etc/motd you@some.host:/dev/audio
>
>Panic, dump and reboot. And noone know it was you. (Works with any file,
>if you choose an au-file it will first play the sound and then crash. Lot
>of room for creativeness here.)
>
>Works on SunOS 4.1.4, and probably other versions too. Not on Solaris 5.5
>though.
>
>A good way to be "safer" from this is to chown /dev/audio to the user
>thats logs in and chmod it to 600.
Thats what /etc/fbtab (solaris1) and /etc/logindevperm (solaris2) are for.
Use whats there :-)
>But people will still be able to crash
>their own workstations... But on the other hand they can pull the plug
>aswell, so if they really want to stop them you have to lock your
>workstations in one room and you users in another.
Yeah, I've always said; kick off all the users and I can make you a
secure system. ;^}
The weak link is security is most often the human one.
=======================================================================
Brad Powell : brad.powell@Sun.COM
Sr. Network Security Consultant
Sun Microsystems Inc.
=======================================================================
The views expressed are those of the author and may
not reflect the views of Sun Microsystems Inc.
=======================================================================
