[7232] in bugtraq
Regarding Mudge's OBP/FORTH root hack (PHRACK53)
daemon@ATHENA.MIT.EDU (Jericho Nunn)
Sat Jul 11 18:47:33 1998
Date: Fri, 10 Jul 1998 02:12:52 -0600
Reply-To: Jericho Nunn <jnunn6@RAWTEN.OFF.AI>
From: Jericho Nunn <jnunn6@RAWTEN.OFF.AI>
To: BUGTRAQ@NETSPACE.ORG
Hi,
Aside from the fact that it left me quite flabbergasted for quite
some time, mudge's OBP memory manipulation for aquiring root priviledges
poses a serious risk for environments where SUN workstation consoles are
easily accesible to unpriviledged individuals, such as university labs.
An easy and quick work-around that avoids granting just anybody at
the console the ability to "Stop-A" and drop into OBP, is to enable the
"security-mode" and "security-password" variables within OBP. Changing
the default value of "security-mode" from 'none' to 'full', forces a
user who tries to halt the system to authenticate against the password
defined in "security-password" before having access to the OBP command
line.
Again, mudge never stops to amaze....
Regards,
Jericho.
