Bugtraq mailing list archives
Re: Possible SunOS 5.5.1 sulogin vulnerability
From: mikedoug () texas net (Michael Douglass)
Date: Fri, 15 Nov 1996 18:26:23 -0600
On Wed, 13 Nov 1996, Jason R. Mastaler wrote:
Possible hole in sulogin here? Under Solaris 2.5.1 (sparc & x86), executing /sbin/sulogin from an unprivileged user account dumps you into what appears to be single-user mode with an ugly warning message without prompting for the root password. You don't find this with earlier versions of Solaris (2.5 and lower).
sulogin is *not* suid root... It is run as root when the system comes up in single user mode. The reason you get the ERROR NO root PASSWD is because it cannot read /etc/shadow as the unprived user. If you were to do id -a you would see that you are still the same unpriveledged user. No security hole here. Michael Douglass Texas Networking, Inc. "Love does not consist in gazing at each other but in looking together in the same direction." Antoine de Saint-Exupery: Wind, Sand, and Stars, ch. 8 (1939).
Current thread:
- Possible SunOS 5.5.1 sulogin vulnerability Jason R. Mastaler (Nov 13)
- Re: Possible SunOS 5.5.1 sulogin vulnerability Steve Blass (Nov 15)
- Re: Possible SunOS 5.5.1 sulogin vulnerability Doug Hughes (Nov 15)
- Re: Possible SunOS 5.5.1 sulogin vulnerability Casper Dik (Nov 15)
- Re: Possible SunOS 5.5.1 sulogin vulnerability Michael Douglass (Nov 15)
- El Programa Matador de Ascendes Scriptors of DOOM (Nov 16)
- El Programa Matador de Ascendes Aleph One (Nov 16)
- This week: turn me on, dead man Aleph One (Nov 16)
- Re: El Programa Matador de Little Boys I like so much Aleph One (Nov 16)
- Apologies to Kit Knox and all Aleph One (Nov 16)
- <Possible follow-ups>
- Re: Possible SunOS 5.5.1 sulogin vulnerability Mark Graff (Nov 15)