For mgetty users with non-trusted shell logins

l41484@alfa.ist.utl.pt (l41484@alfa.ist.utl.pt)
Thu, 28 Jan 1999 12:32:42 +0100


On 28 Jan 1999, Marc SCHAEFER wrote:

> l41484@alfa.ist.utl.pt wrote:
> > Never say never. :-) But I think we can say with the same assurance that
> > direct dial-in access (of untrusted users) is becoming less and less
> > common. For example, I myself only use it when my PPP access is
> > unavailable.
> 
> That's why we didn't go publish in 1996. *I* have unprotected untrusted
> shell dial-ins, and I insist on the security (e.g. by diminishing
> the number of suid executables, protections, etc.). I was thinking
> of myself being an exception (allowing shell dial-outs +

Unfortunately, not a lot of people insist on it; either they don't care
or they don't know how to do it. I should know: this machine (and other
machines on this domain) have been blocked in the past for having the
worst reputation in the country. :-)

> mostly safe system). Also, in 1996 I was hoping that the SAK
> discussion on the Linux kernel mailing-list would bring something.

What is SAK?

> It hasn't. And this is my next target, since I believe there might
> be a similar attack on console ttys *even with SAK*.

Perhaps. Speaking of which, I noticed the ttys, when unused (the ones that
will be used for the console, for example), have mode 622. Why not 600?
(Or 660, since they are root:root owned.)

> However, it looks like many people are using Linux nowadays in this
> fashion, and after all, if you run after all the buffer overflow
> problems which may or may not be exploited, why not go for the
> more fundamental problems too?

In my opinion, _all_ security problems should be solved, the minor and the
major ones. Of course, problems like "you can exploit this if conditions A &
B & ... & Z are met", which have a _very low_ probability of happening, I
would give a lower priority. :-)

Maybe you should give it a shot on Linux's security audit ML?

(security audit <security-audit@ferret.lmh.ox.ac.uk>)

> And if noone is concerned, well, fine :)

I bet a lot of people (read: HW vendors) will prefer to stick their heads in
the sand on this. :-)

BTW this hasn't appeared on bugtraq, has it?

--
Tiago Pascoal  (l41484@alfa.ist.utl.pt)               FAX : +351-1-7273394
Politically incorrect, and a (not very) prominent member of the "geracao rasca".
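The two hardening points raised in the message above (tty nodes left with mode 622, and keeping the number of suid executables down) are easy to check mechanically. The following audit script is an added example written for this page; it is not code from the thread, mgetty, or any participant. The directory names (/dev and the binary directories) and the file-name pattern `tty*` are assumptions; pass your own on the command line.

```shell
#!/bin/sh
# Added example (not from the original thread): audit tty device nodes for
# group/other-writable mode bits and list setuid/setgid executables.
# /dev, /bin, /usr/bin and the 'tty*' name pattern are assumptions.

# Print "writable" if an octal mode string (e.g. 622) grants write to
# group or other, else "ok".  A tty that any local user can write to
# can be fed escape sequences by that user, which is the concern above.
tty_mode_status() {
    mode=$1
    # Leading 0 makes the shell treat the string as octal.
    g=$(( (0$mode / 8) % 8 ))   # group triplet
    o=$(( 0$mode % 8 ))         # other triplet
    if [ $(( g & 2 )) -ne 0 ] || [ $(( o & 2 )) -ne 0 ]; then
        echo writable
    else
        echo ok
    fi
}

# List the tty nodes directly under $1 whose mode is group- or
# other-writable (a node with mode 622 or 660 is reported; 600 is not).
find_writable_ttys() {
    dir=$1
    find "$dir" -maxdepth 1 -name 'tty*' \
        \( -perm -g=w -o -perm -o=w \) 2>/dev/null | sort
}

# List setuid and setgid regular files under the given directories;
# every entry is a candidate for removal or for chmod u-s.
find_setuid() {
    for d in "$@"; do
        [ -d "$d" ] && find "$d" -type f \
            \( -perm -4000 -o -perm -2000 \) 2>/dev/null
    done | sort
}

# Stand-alone use:  sh audit.sh /dev /bin /usr/bin /sbin /usr/sbin
if [ "$#" -gt 0 ]; then
    tty_dir=$1
    shift
    echo "== ttys under $tty_dir writable by group or other =="
    find_writable_ttys "$tty_dir"
    echo "== setuid/setgid executables =="
    find_setuid "$@"
fi
```

Note that 660 is flagged on purpose: it is only as safe as the group that owns the node, so a tty owned root:root with mode 660 is fine, while one handed to a login group is not. Check the owner and group alongside the mode before deciding a reported entry is harmless.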