ITS translations: security problem?

Barry Margolin barmar at think.COM
Tue Feb 2 03:43:02 AEST 1988


In article <9690 at tekecs.TEK.COM> andrew at frip.gwd.tek.com (Andrew Klossner) writes:
>	  So you add s|^/bin/rm$|/user/me/bin/rm| to your
>	translation list."
>
>What about the security implications?  Under Unix, I could use these
>translations to spoof setuid programs, e.g., make my own /etc/passwd
>then invoke /bin/su.

Well, ITS doesn't have much security, and what little it did have
wasn't based on the contents of some particular file that was read by
the user's process.

However, to answer your question about how this could be done in Unix,
the answer is to not inherit translations in setuid processes.
Barry Margolin
Thinking Machines Corp.

barmar at think.com
uunet!think!barmar



More information about the Comp.unix.wizards mailing list