Bugtraq mailing list archives
Re: Request for discussion.
From: newsham () aloha net (Timothy Newsham)
Date: Tue, 7 Feb 1995 15:53:01 -1000 (HST)
We don't run login set-uid and have done so for quite some time. You need to make sure that login checks the return values of setuid() though, or you'll have surprising effects. Login is usually started by root (from getty, ttymon, telnetd, rlogind, etc) and only seldom by normal users (login command in all shells). We have not noticed any adverse side effect of this change, the positive effects are:
- one less set-uid program
- impossible to remove your remote host entry from utmp/wtmp
- impossible to hide who you are with: (login user) [subshell] followed by logout.
The same benefits/effects could be gotten by running login suid but only allowing certain users (i.e. the telnetd) to run it. On systems with ACLs, like HPUX, this is trivial to do.
Casper
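
The setuid() return-value check mentioned in the message above, shown as an added example that is not part of the original post and not taken from any real login source. The names become_user and fake_* are hypothetical, and the set*id calls are passed in as function pointers only so the failure path can be exercised without root.

```c
/* Added example: hypothetical helper, not code from any real login(1). */
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* The set*id calls are injected so the failure path can be exercised
 * without root; real code would call setgid()/setuid() directly. */
typedef int (*setgid_fn)(gid_t);
typedef int (*setuid_fn)(uid_t);

/* Returns 0 only if the process provably runs as uid/gid afterwards.
 * On any other result the caller must exit, never exec a shell. */
int become_user(uid_t uid, gid_t gid, setgid_fn do_setgid, setuid_fn do_setuid)
{
    /* Group first: once the uid is dropped, an arbitrary gid can no longer be set. */
    if (do_setgid(gid) != 0) {
        fprintf(stderr, "setgid: %s\n", strerror(errno));
        return -1;
    }
    /* Fails with EPERM when login was started by a normal user and is
     * not set-uid: the case where an unchecked call leaves the caller's
     * own identity in place. */
    if (do_setuid(uid) != 0) {
        fprintf(stderr, "setuid: %s\n", strerror(errno));
        return -1;
    }
    /* Do not trust the return value alone; confirm the resulting ids. */
    if (getuid() != uid || geteuid() != uid || getgid() != gid || getegid() != gid)
        return -1;
    return 0;
}

/* Constructed stand-ins for the system calls, for demonstration only. */
int fake_setgid_ok(gid_t g) { (void)g; return 0; }
int fake_setuid_ok(uid_t u) { (void)u; return 0; }
int fake_setuid_eperm(uid_t u) { (void)u; errno = EPERM; return -1; }

int main(void)
{
    /* Setting our own ids always succeeds; the denied case is simulated. */
    printf("own ids: %d\n", become_user(getuid(), getgid(), setgid, setuid));
    printf("denied:  %d\n", become_user(getuid(), getgid(), fake_setgid_ok, fake_setuid_eperm));
    return 0;
}
```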