security (was Re: crontab Daemon-from-Hell)

John B. Milton jbm at uncle.UUCP
Mon Jun 5 15:51:36 AEST 1989


In article <14270 at watdragon.waterloo.edu> hjespersen at trillium.waterloo.edu () writes:
>In article <1528 at sialis.mn.org> rjg at sialis.mn.org (Robert J. Granvin) writes:
>
>>The original points were actually correct.  But to add onto it, many
>>of you will notice that / has permissions of 777.  
>
>Not on _my_ system. Give me any valid login and a / that is 777 and
>I'll have root in about 30 seconds. 

One of several hundred different ways around security on the UNIXpc. To tighten
security you have to start off by removing ua and smgr from the system, then
you have a chance of getting the UNIXpc security to approach that of most other
SYSV boxes


John
-- 
John Bly Milton IV, jbm at uncle.UUCP, n8emr!uncle!jbm at osu-cis.cis.ohio-state.edu
(614) h:294-4823, w:764-2933; N8KSN, AMPR: 44.70.0.52; Don't FLAME, inform!



More information about the Unix-pc.general mailing list