Findsuid source (Re: Security an

Mike Schloss mike at enmasse.UUCP
Sat Feb 2 11:04:54 AEST 1985


> Another problem with having a find-suid-programs program that runs based
> on crontab entries is that anyone can see when the find-suid-programs
> program is going to run next, and make their moves on that basis.
> 
> 		kurt

But what are they going to do about it.  I suppose that if they knew the
order in which file systems were traversed they might be able to move
their program to a safe area and back again when all clear but this seems
a little drastic.  Easier to just modify an existing suid-root program
(like su) to grant a specific user or password root access. 

CACM had an interesting article on this stuff a while back...
It amounted to this, once root has been comprimised just once,
the whole system is suspect unless everything is rebuilt from scratch,
from the distribution tape.



More information about the Comp.unix.wizards mailing list