Bugtraq mailing list archives
Re: Request for discussion.
From: karl () bagpuss demon co uk (Karl Strickland)
Date: Tue, 7 Feb 1995 03:32:07 +0000 (GMT)
By the same token, many people don't run /bin/login suid root. So in this instance, you're just swapping one privileged program for another? Is login better to have running as root than telnetd? I can think of more published holes in login.
Login inherently has to be run as root.
true
It doesn't inherently have to be suid though.
true
If you don't want normal users running login from the command line you can put an ACL on the file (if you have support for that in your kernel)
OK, fair enough. But the unprivileged user that telnetd was running as is not unprivileged any more.
or you can have the program check the uid of the invoking process itself (basically an ACL built into the program).
ugh:-)
Also what about changing ownership/permissions of your pty (on BSD based pty systems) on login/logout, and writing wtmp records on logout?
Ah. This is the reason. This is something I wanted to see fixed a long time ago. There are several ways of handling this. The one I like is having a program that will write the utmp and chown the pty all in one step for you.
Well, I wonder about this. Does this program too have an ACL on it so only certain users can access it? If so our unprivileged telnetd user gets more privileged :-)
This program would run at a "utmp" privilege level.
how can something running with utmp privilege chown pty's? (assume BSD chown(2) for instance)..

--
------------------------------------------+-----------------------------------
Mailed using ELM on FreeBSD               | Karl Strickland
PGP 2.3a Public Key Available.            | Internet: karl () bagpuss demon co uk
                                          |
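The "ACL built into the program" idea discussed in this message, shown as an added example that is not part of the original post or of any program named in the thread: a privileged helper that refuses to act unless the invoker's real uid is on a built-in list and the argument is a bare BSD pty slave name. The uid value 71, the function names and the tty[p-s][0-9a-f] naming scheme are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical built-in ACL: the uid telnetd runs as (constructed value). */
static const uid_t ALLOWED_CALLERS[] = { 71 };
#define N_ALLOWED (sizeof ALLOWED_CALLERS / sizeof ALLOWED_CALLERS[0])

/* Compare the invoker's *real* uid. In a setuid helper the effective uid
 * is already the privileged one and says nothing about who ran it. */
bool caller_allowed(uid_t real_uid, const uid_t *acl, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (acl[i] == real_uid)
            return true;
    return false;
}

/* Accept only a bare slave name of the assumed form tty[p-s][0-9a-f],
 * so the helper can never be pointed at an arbitrary path. */
bool pty_name_ok(const char *name)
{
    if (name == NULL || strlen(name) != 5)
        return false;
    if (strncmp(name, "tty", 3) != 0)
        return false;
    return strchr("pqrs", name[3]) != NULL &&
           strchr("0123456789abcdef", name[4]) != NULL;
}

int main(int argc, char **argv)
{
    if (!caller_allowed(getuid(), ALLOWED_CALLERS, N_ALLOWED)) {
        fprintf(stderr, "uid %ld may not run this helper\n", (long)getuid());
        return 1;
    }
    if (argc != 2 || !pty_name_ok(argv[1])) {
        fprintf(stderr, "usage: %s ttyXX\n", argv[0]);
        return 1;
    }
    /* Only past both checks would the utmp write and pty chown happen. */
    printf("checks passed for /dev/%s\n", argv[1]);
    return 0;
}
```

Both checks run before any privileged action, so a caller outside the list or a crafted argument is rejected without the helper touching utmp or any device node.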