-x implementations
Sean Eric Fagan
sef at kithrup.COM
Sat Mar 9 05:47:02 AEST 1991
In article <QMY9-24 at xds13.ferranti.com> peter at ficc.ferranti.com (Peter da Silva) writes:
>Isn't this a security hole? I mean, once you can write to the password file
>you have the keys to the kingdom. I hope this goes away when you turn off C2.
Eeek. Let me explain this a bit better: a while ago, I wrote up my own
implementation of login that set multiple groups. I was running that.
However, the *kernel* was still broken: it didn't check multiple groups for
access permission (which kinda defeated the entire reason I'd done it: I
wanted to be in group uucp so I didn't have to be root to do a 'cu -l tty2A
dir'). Now, however, the kernel has been fixed, and a new version of login.
I installed all of this, and went on my merry way.
However, I'd *completely* forgotten that I'd set myself up to be in almost
every group in existance (well, 7 of them, at least). One of those groups
was 'auth', which has write access to /etc/passwd. Since the multiple
groups now work, I have write access to /etc/passwd.
And, no, sorry: under sco's unix, having write access to /etc/passwd will
only allow you to lock everyone out by removing or changing values; it won't
let you get it. You need to create one or two more files elsewhere in the
tree with all the proper magic in them.
--
Sean Eric Fagan | "I made the universe, but please don't blame me for it;
sef at kithrup.COM | I had a bellyache at the time."
-----------------+ -- The Turtle (Stephen King, _It_)
Any opinions expressed are my own, and generally unpopular with others.
More information about the Comp.unix.programmer
mailing list