Automatic root login
John Bruner
jdb at mordor.UUCP
Mon Nov 25 03:27:12 AEST 1985
There is an important consideration if you have (or are considering
the implementation of) a program which gives a root shell to
specified users without prompting for a password.
This sort of program effectively multiplies the number of passwords
that can be used to obtain "root". Rather than protecting a single
password, it is now necessary to protect N+1 (where N is the number
of privileged users). In general, it is easier to find one out of N+1
passwords than it is to determine a single password.
Also, since correct setuid programs are difficult to write, you must
now worry not only about setuid-root programs but also setuid-priv
programs (where "priv" is any user in the privileged class). A
buggy setuid-priv program might be exploited to obtain a setuid-priv
shell which could then be used to obtain root.
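An audit script for the two points above, added here as an example and not part of the original post: given the set of users a hypothetical no-password root-shell program trusts, it enumerates every account whose password now guards root (the N+1 figure) and sorts the host's setuid binaries into setuid-root, "setuid-priv" (owned by a trusted non-root user, which the post argues is as dangerous as setuid-root), and other. The passwd excerpt, the program name `rootsh`, the user names and the setuid inventory are all constructed sample data, not a real system.

```python
"""Defender-side audit of the 'N+1 passwords' and 'setuid-priv' risks.
All inputs below are constructed sample data; on a real host the passwd
text would come from /etc/passwd and the setuid list from
`find / -perm -4000 -ls`.
"""

import stat
from dataclasses import dataclass

# Constructed /etc/passwd excerpt (sample only).
PASSWD = """\
root:x:0:0:root:/:/bin/sh
jdb:x:101:10:John Bruner:/u/jdb:/bin/csh
alice:x:102:10:Alice:/u/alice:/bin/sh
bob:x:103:20:Bob:/u/bob:/bin/sh
daemon:x:1:1:daemon:/:/bin/false
"""

# Users the hypothetical "rootsh" program hands a root shell to without a
# password: the "privileged class" from the post (assumed names).
PRIVILEGED_USERS = {"jdb", "alice"}


@dataclass(frozen=True)
class SetuidFile:
    path: str
    owner_uid: int
    mode: int


# Constructed setuid inventory (sample only).
SETUID_FILES = [
    SetuidFile("/bin/su", 0, 0o4755),
    SetuidFile("/usr/local/bin/rootsh", 0, 0o4750),
    SetuidFile("/u/alice/bin/mailfix", 102, 0o4755),  # setuid to a privileged user
    SetuidFile("/u/bob/bin/game", 103, 0o4755),       # setuid to an ordinary user
    SetuidFile("/usr/bin/uucp", 5, 0o4755),            # setuid to a system account
    SetuidFile("/bin/ls", 0, 0o755),                   # not setuid at all
]


def parse_passwd(text):
    """Return {login name: uid} from passwd-format text."""
    users = {}
    for line in text.splitlines():
        if not line or line.startswith("#"):
            continue
        name, _pw, uid, *_rest = line.split(":")
        users[name] = int(uid)
    return users


def root_equivalent_accounts(users, privileged):
    """Accounts whose password, if learned, yields root: every uid-0 login
    plus every member of the privileged class."""
    return {name for name, uid in users.items() if uid == 0 or name in privileged}


def password_exposure(users, privileged):
    """The post's N+1: how many distinct passwords now guard root."""
    return len(root_equivalent_accounts(users, privileged))


def classify_setuid(setuid_files, users, privileged):
    """Sort setuid binaries by what a bug in them would hand an attacker:
    'root' (setuid-root), 'priv' (setuid to a privileged user, hence
    root-equivalent via the root-shell program), or 'other'."""
    uid_to_name = {uid: name for name, uid in users.items()}
    report = {"root": [], "priv": [], "other": []}
    for f in setuid_files:
        if not f.mode & stat.S_ISUID:
            continue  # plain executable, not of interest here
        owner = uid_to_name.get(f.owner_uid)
        if f.owner_uid == 0:
            report["root"].append(f.path)
        elif owner in privileged:
            report["priv"].append(f.path)
        else:
            report["other"].append(f.path)
    return report


if __name__ == "__main__":
    users = parse_passwd(PASSWD)
    print("passwords guarding root:", password_exposure(users, PRIVILEGED_USERS),
          sorted(root_equivalent_accounts(users, PRIVILEGED_USERS)))
    for kind, paths in classify_setuid(SETUID_FILES, users, PRIVILEGED_USERS).items():
        print(f"setuid-{kind}:", paths)
```

The `priv` list is the one the post says is easy to overlook: those files need the same review as the setuid-root ones, and the `password_exposure` count is a quick way to show how much wider the root password surface has become.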
--
John Bruner (S-1 Project, Lawrence Livermore National Laboratory)
MILNET: jdb at mordor [jdb at s1-c.ARPA] (415) 422-0758
UUCP: ...!ucbvax!dual!mordor!jdb ...!seismo!mordor!jdb