How secure is UNIX? (Re: Stupid man
carroll at m.cs.uiuc.edu
carroll at m.cs.uiuc.edu
Wed Jun 6 10:31:00 AEST 1990
/* Written 11:22 am May 28, 1990 by dce at smsc.sony.com in m.cs.uiuc.edu:comp.unix.questions */
In article <1990May28.102235.10021 at agate.berkeley.edu> dankg at ocf.Berkeley.EDU (Dan Kogai) writes:
>In article <9000030 at m.cs.uiuc.edu> carroll at m.cs.uiuc.edu writes:
>>in it. Does FTP check for .netrc specially? If not, then this seems to
>>claim that you ftp'd the .netrc and it was that copy that was used,
>>not your 600 .netrc.
>
> It might be system dependent but ALL ftp I know refuses to use
>.netrc with wrong mode.
Hold on, Dan. I think that carrol at m.cs.uiuc.edu is asking "when going
a get or a put, does ftp check for .netrc specially". That is, is it
possible that you did a get/put of everything in a directory, and
that your .netrc got copied to a new place without being protected?
/* End of text from m.cs.uiuc.edu:comp.unix.questions */
Yes, this is what I meant. The scenario I envisioned was,
1. A tar is done on "." or using find, such that the .files are included,
including the .netrc.
2. The tar file is ftp'd somewhere else, with permissions such that
another user can get the file (normally or through ftp).
3. This other user then untars the file, and the .netrc, still with 600
permissions, is also untarred, but _owned by the other user_, because
that's what tar does (on BSD - on SysV, you have to go to the trouble
of using the -o flag).
4. Other user then picks the password out of the file.
I can't see how ftp could possibly prevent this from happening, and I strongly
suspect that something very similar to this took place.
Alan M. Carroll Barbara/Marilyn in '92 :
carroll at cs.uiuc.edu + This time, why not choose the better halves?
Epoch Development Team
CS Grad / U of Ill @ Urbana ...{ucbvax,pur-ee,convex}!cs.uiuc.edu!carroll
More information about the Comp.unix.questions
mailing list