[1950] in bugtraq
Re: login can be used to hide from finger under SunOS 4.13u1
daemon@ATHENA.MIT.EDU (Karl Strickland)
Fri Jun  2 20:39:44 1995
From: Karl Strickland <karl@bagpuss.demon.co.uk>
To: DSacerdo@world.std.com
Date: Fri, 2 Jun 1995 22:07:55 +0100 (BST)
Cc: bugtraq@fc.net
In-Reply-To: <Pine.3.89.9506012042.A7727-0100000@world.std.com> from "David Sacerdote" at Jun 1, 95 08:57:28 pm
> 
> I recently noticed that running login (no arguments) once logged in, and 
> providing it with your username and password would hide one from finger 
> requests under SunOS 4.13u1.  Has anybody else noticed this, under SunOS, or 
> other unix variants?
> 			David Sacerdote
Yep, this has been known for years, and crops up under most UNIXes.  If you
choose to leave login 6755 and give users access to it, then that's the price
you pay.  Personally, I recommend removing the suid bit and/or making it
non world executable.  If people need to switch uids they can either logout
and login again, use su, or telnet localhost or rlogin localhost or whatever.
-- 
------------------------------------------+-----------------------------------
Mailed using ELM on FreeBSD               |                    Karl Strickland
PGP 2.3a Public Key Available.            | Internet: karl@bagpuss.demon.co.uk
                                          |
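
Added example, not part of the original message: a POSIX shell check for the condition the reply describes, a login binary that is set-id and still executable by everyone. The function name `check_login_mode` and the paths passed on the command line are assumptions for illustration.

```shell
#!/bin/sh
# Audit a binary for the combination discussed above: set-id bits plus
# world-execute permission (mode 6755 is both). Illustrative helper only.

# Prints the state of FILE and returns:
#   1  set-id (setuid and/or setgid) AND world-executable
#   0  at least one of the two mitigations is in place
#   2  FILE is not a regular file
check_login_mode() {
    f=$1
    [ -f "$f" ] || { echo "$f: not a regular file"; return 2; }

    setid=no
    [ -u "$f" ] && setid=setuid
    if [ -g "$f" ]; then
        [ "$setid" = setuid ] && setid="setuid+setgid" || setid=setgid
    fi

    # POSIX find: -perm -0001 matches when the "other execute" bit is set.
    world=no
    [ -n "$(find "$f" -prune -perm -0001 2>/dev/null)" ] && world=yes

    echo "$f: set-id=$setid world-executable=$world"
    [ "$setid" != no ] && [ "$world" = yes ] && return 1
    return 0
}

# Check every path given on the command line; exit non-zero if any is flagged.
status=0
for p in "$@"; do
    check_login_mode "$p" || status=1
done
[ "$#" -eq 0 ] || exit "$status"

# The two mitigations named in the reply map to:
#   chmod u-s,g-s FILE    (remove the set-id bits)
#   chmod o-x FILE        (make it non world executable)
```

Run it with the path of the login binary on the system being audited; a return of 1 means neither mitigation has been applied.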