Old rlogin bug

News Administrator dave at galaxia.Newport.RI.US
Sat Jul 28 12:05:49 AEST 1990


In article <698 at msor0.UUCP> rt at msor0.UUCP (Raymond Thompson) writes:
>
>This happened to me soon after we installed a new SUN system and was caused
>by a typing error in the passwd file.  The line
>+::0:0:::
>forcing a look at NIS (ne YP) was typed in with the leading '+' missing.
>Hey presto, a null System Manager

This is a good example of why I never use "0" in a YP reference, I always
use "999".  That way, if anything goes wrong the worst that can happen is
that someone can gain access to the machine using the uid 999.  Since I
also make sure that I never assign 999 to a real user there is very little
damage that can be done.  About the worst thing that can happen is that
the intruders could copy the passwd file so that they could munch on it
later but if you use shadow passwords then even that is not a problem.
-- 
David H. Brierley
Home: dave at galaxia.Newport.RI.US    Work: dhb at quahog.ssd.ray.com
Be excellent to each other.



More information about the Comp.unix.wizards mailing list