|
Top Document: comp.sys.3b1 FAQ part2 Previous Document: 8.5. What do I do when the machine hangs at the boot message? Next Document: 8.7. How do I access the expert menus in the diagnostics? See reader questions & answers on this topic! - Help others by sharing your knowledge
The best way to not worry about security is to not allow users
on your machine that aren't trusted. Especially users that have shell
access.
There are several serious problems with the UNIX PC's
software, specifically the User Agent (UA). The UA (the windowing
environment, also known as the Office environment) has some serious
security problems. The best solution, of course, would be to remove
the entire UA system from your machine. This isn't the easiest
procedure (since there are lots of programs scattered all around the
disk that are tied into the UA) and probably not the most desirable
for some novice users. What's so wrong with it? Well, look in your
trusty manuals, in section 4. The manual UA(4) states (talking about
UA configuration files):
[...] (page 4)
EXEC and SH have a number of variations, which are used depending
on the intelligence of the process being invoked.
[...]
The variations are specified via option characters as follows:
-n Run the process without a window
-w Run the process without waiting
-d Run the process in a dimensionless window
-p Run the process with superuser privileges
[...]
The "-p" option being the problem. For a little experiment to
show to a security conscious user (who still likes the UA), start out
in a non-privileged user account.
First create a file in your home directory called "Office"
with the following lines:
Name=Super User UNIX
Default = Run
Run=EXEC -pwd $SHELL
Then type:
$ exec /usr/bin/ua
Select the new object that you just created ("Super User
UNIX") and then at the "#" prompt type "id" for the effect.
# id
uid=0(root) gid=0(root)
OK, convinced?
If you really *LOVE* the UA, you can do something about this.
Protect the programs /usr/lib/ua/uasetx and /usr/lib/ua/uasig so they
are not executable by "other" and only executable by a "trusted" group.
-rwsr-x--- 1 root trusted 4268 Jan 1 1970 /usr/lib/ua/uasetx
-rwsr-x--- 1 root trusted 2068 Jan 1 1970 /usr/lib/ua/uasig
Another problem involves UA mail-handling. Send yourself some
electronic mail. Nothing elaborate is necessary.
$ mail myself < /dev/null
Select the [mailbox] icon when it comes up, and then when
you're in /bin/mail, at the "?" prompt type "! /bin/sh". Poof! Root
shell.
# id
uid=0(root) gid=0(root)
# pwd
/etc/lddrv
This last problem can easily be corrected with Lenny
Tropiano's "email" program that is archived on OSU as "email.sh.Z".
That program sets the correct user id, group id, and home directory.
The other things to look for are covered in lots of books on
UNIX security: directories with 777 permissions (world writable),
setuid programs that aren't very security conscious, etc.
User Contributions:Top Document: comp.sys.3b1 FAQ part2 Previous Document: 8.5. What do I do when the machine hangs at the boot message? Next Document: 8.7. How do I access the expert menus in the diagnostics? Part1 - Part2 - Single Page [ Usenet FAQs | Web FAQs | Documents | RFC Index ] Send corrections/additions to the FAQ Maintainer: jbunch@nyx.nyx.net (John B. Bunch)
Last Update March 27 2014 @ 02:11 PM
|
comp.sys.3b1 FAQ part2
Section - 8.6. How can the UNIX PC be made more secure?
Search the FAQ Archives
N - O - P - Q - R - S - T - U - V - W - X - Y - Z
comp.sys.3b1 FAQ part2
Section - 8.6. How can the UNIX PC be made more secure?
( Part1 - Part2 - Single Page
)
[ Usenet FAQs | Web FAQs | Documents | RFC Index | Cities ]
Comment about this article, ask questions, or add new information about this topic: