Bugtraq mailing list archives
Re: bin owned system files
From: barnett () grymoire crd ge com (Bruce Barnett)
Date: Fri, 26 Jul 1996 17:13:44 -0400
Are there any known problems/bugs/etc. with "root" executing system binaries owned by "bin" as long as the "bin" account is disabled in /etc/passwd. (i.e. * for password and /bin/false for the shell).
As Spaf says, NFS is one big problem. Having directories like /usr/bin owned by bin, group bin, owner and group writable is asking for trouble. Anyone that can be part of group "bin" can modify any of the files. The directories should be owned by root, not bin, and mode 755, not 775. It is true you could add someone to group "bin" and allow that person to update those files, but this is very dangerous, IMHO. The other point is that each application that uses accounts must be examined. Telnet/rlogin/rsh uses the shell field in the /etc/passwd file. What about ftp? Make sure the /etc/shells file is configured properly. Any other applications use the user name? I remember that there was a version of the Sun TOPS remote file service (for Macintoshes) that didn't look at the shell field. So you could log onto user ID "sync", with uid 0, and become root.... - Bruce Barnett
Current thread:
- bin owned system files Robert E. Adams (Jul 25)
- ? Trojan /usr/bin/false ? Jeremy Brinkley (Jul 25)
- Re: ? Trojan /usr/bin/false ? Elliot Lee (Jul 25)
- Re: bin owned system files Gene Spafford (Jul 25)
- Re: bin owned system files Colin Jenkins (Jul 26)
- Re: bin owned system files Gene Spafford (Jul 26)
- Re: bin owned system files Jungseok Roh (Jul 26)
- <Possible follow-ups>
- Re: bin owned system files William McVey (Jul 26)
- Re: bin owned system files dsiebert () icaen uiowa edu (Jul 26)
- Re: bin owned system files Bruce Barnett (Jul 26)
- ? Trojan /usr/bin/false ? Jeremy Brinkley (Jul 25)