home *** CD-ROM | disk | FTP | other *** search
- Path: sparky!uunet!mcsun!uknet!cam-orl!iwj
- From: iwj@cam-orl.co.uk (Ian Jackson)
- Newsgroups: comp.os.linux
- Subject: Re: Packaging Linux
- Summary: shutdown/sync login can compromise security
- Message-ID: <1992Nov23.130900.28685@cam-orl.co.uk>
- Date: 23 Nov 92 13:09:00 GMT
- References: <1992Nov20.190335.24454@beaver.cs.washington.edu> <By59LB.Mqy@watserv1.uwaterloo.ca>
- Organization: Olivetti Research Ltd
- Lines: 28
-
- In article <By59LB.Mqy@watserv1.uwaterloo.ca> jjlawren@garfield.uwaterloo.ca writes:
- >I personally think that it is very simple to have a login for shutdown (I
- >do...why not for std release?) and then tell people...."when you are done
- >using the system for the day logout all users and login as shutdown...wait
- >10 seconds (for the message that its ok) and then turn off the machine."
-
- I agree. Unfortunately the version of xdm I have (and probably every
- other) seems to ignore inappropriateness of a user's login shell when
- deciding what to do when they log in.
-
- If, for example, you have a user "shutdown" with a uid of 0 and no
- password, xdm simply starts up an xterm with their shell (shutdown, or
- whatever) in it, together with a twm. The default twm then allows
- anyone to get up root shells (bash, etc.) if the shell in the xterm
- doesn't complete and die immediately. I'm looking into a way of fixing
- this problem and will post when I have figured it out.
-
- I think there are various other programs that may read and
- misinterpret the password file as well (ftpd?) - perhaps someone else
- could comment.
-
- In general a program shouldn't assume that a user may do arbitrary
- things like transfer files, have shells, etc., unless their login
- shell is in /etc/shells.
- --
- Ian Jackson iwj@cam-orl.co.uk ..!uknet!cam-orl!iwj These opinions are my own.
- Olivetti Research Ltd, Old Addenbrookes Site, Trumpington St, Cambridge, UK;
- Home: 35 Molewood Close, Cambridge, CB4 3SR; +44 223 327029. +44 223 343398
-
