[10037] in Commercialization & Privatization of the Internet


Re: If Orson Welles were only alive...

daemon@ATHENA.MIT.EDU (Karl Denninger)
Sat Feb 5 02:36:38 1994

From: karl@mcs.com (Karl Denninger)
To: bzs@world.std.com (Barry Shein)
Date: Sat, 5 Feb 1994 01:36:02 -0600 (CST)
Cc: sob@tmc.edu, karl@mcs.com, com-priv@psi.com
In-Reply-To: <199402050730.AA10596@world.std.com> from "Barry Shein" at Feb 5, 94 02:30:21 am

> From: sob@tmc.edu (Stan Barber)
> >Did you send any of this to the Sun Users' Group? Aren't you an officer in
> >SUG? Don't they play a role here? How about "security@sun.com"?
> 
> What are you referring to here? Do you mean did I send a description
> of the security problem to the Sun User Group? No, I did not send it
> to the Boy Scouts of America either (what has SUG got to do with
> anything? Much less my status as an officer of that corporation?)

They were getting root access through an RDIST bug <WHICH I REPORTED> when
I discovered it here!  Yes, BSDI has the problem too, as do a lot of other
folks.  The 1.1 BSDI release <has fixed this> problem.  SunOS 4.1.3 (note -
this is a RECENT release) has the problem.

It did NOT get them root access on MCSNet, but only because they were
stupid and didn't understand how the system here works, because we run 
a secure network authentication system (no clear-text or decodable 
passwords on the wire) -- and because I caught the bastard before he got 
into anything substantial or figured out that he could make /bin/sh SUID
to root and do it that way.

CERT sat on the RDIST report, even though plugging THAT hole would have
prevented changing /etc/passwd on a Sun (w/o shadow passwords) to mode 777
and editing the damn file!  All that was necessary to do in order to fix
this was "chmod u-s /usr/bin/rdist" and the means of gaining root in the
first place was removed.

--
Karl Denninger (karl@MCS.COM) 	| MCSNet - Full Internet Connectivity (shell,
Modem: [+1 312 248-0900]	| PPP, SLIP and more) in Chicago and 'burbs.  
Voice/FAX: [+1 312 248-8649]	| Email "info@mcs.com".  MCSNet is a CIX member.
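
The mitigation named in the message above (`chmod u-s /usr/bin/rdist`), as an added shell example that is not part of the original post. It lists setuid files under a directory, strips the bit from named ones and confirms the result; the function names and the scratch directory with its stand-in `rdist` file are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit for setuid files and drop the bit from chosen ones.

# Print every regular file under directory $1 that has the setuid bit set.
list_setuid() {
    find "$1" -xdev -type f -perm -4000 -print 2>/dev/null
}

# Remove the setuid bit from each path given and report what happened.
# Returns non-zero if any file is still setuid afterwards.
strip_setuid() {
    rc=0
    for f in "$@"; do
        if [ ! -e "$f" ]; then
            echo "missing: $f"
        elif [ -u "$f" ]; then
            chmod u-s "$f" || rc=1
            if [ -u "$f" ]; then
                echo "STILL setuid: $f"
                rc=1
            else
                echo "setuid removed: $f"
            fi
        else
            echo "not setuid: $f"
        fi
    done
    return "$rc"
}

# Constructed demo: a scratch directory with an empty stand-in file named
# rdist, so nothing on the real system is touched.
demo() {
    d=$(mktemp -d) || return 1
    : > "$d/rdist"
    chmod 4755 "$d/rdist"          # mark the stand-in setuid
    echo "before:"; list_setuid "$d"
    strip_setuid "$d/rdist"
    echo "after:";  list_setuid "$d"
    rm -rf "$d"
}

demo
```

On a live host, `list_setuid /usr/bin` shows what else carries the bit; `strip_setuid` needs to run as the file's owner or root.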
