Re: /etc/utmp

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: nms@ns1.rutgers.edu: "Making rdist non-suid but still functional"
• Previous message: smb@research.att.com: "Re: sendmail exploit script - resend"
• In reply to: Marc W. Mengel: "Re: /etc/utmp"
• Next in thread: Pat Myrto: "Re: /etc/utmp"

/* ches@research.att.com writes: */

>In <9403252218.AA14294@rwing.UUCP>  you write:
>  I don't know of a specific patch, for this.  But the only REAL fix is
>  to make the /etc/utmp file so it is not world-writeable.  That means,
>  of course, fixing anything that must update it, other than login or init
>  to run SUID root without creating a worse hole.  
>
>Making things setuid root is almost always wrong.   Make a new group,
>say group "utmp", and make anything that needs to deal with utmp
>
I have to disagree Bill, since one can obtain root by making use of utmp,
then it should require root's priv. to modify it.  Otherwise you are just
adding an extra level of indirection to get to root.

Mitch's Law on Files:

   1) Files should only be modifiable by the highest privilege (or higher)
      that can be obtained by modifying that file.

   2) Files should only be readable by the highest privilege (or higher) that
      can be obtained by reading that file.

   3) Use common sense when applying the above.


Do Svidanya,

   ~mitch

• Next message: nms@ns1.rutgers.edu: "Making rdist non-suid but still functional"
• Previous message: smb@research.att.com: "Re: sendmail exploit script - resend"
• In reply to: Marc W. Mengel: "Re: /etc/utmp"
• Next in thread: Pat Myrto: "Re: /etc/utmp"