3b2 Questions - Answers Appreciated

JacobsD darryl at drumn.ATT.COM
Tue Mar 21 08:59:26 AEST 1989


In article <178 at flnexus.ATT.COM> heff at flnexus.ATT.COM (Paul_Heffner) writes:
>From article <8300010 at gistdev>, by flint at gistdev.UUCP:
>> 
>> Yea, Magic Mode is a lot of fun, but it can save tons of time: what
>> bugs me is why AT&T won't make it into something real and (heaven
>> forbid) document it.
>
>Because it's potentially a serious security hole. If your processor
>isn't physically secure (read: locked up in a room somewhere),
>anybody with some smarts and some knowledge of magic mode can
>do violence (or at least dubious things) to your system if so inclined.

So why not document that fact and recommend that the Essential Utilities
floppies (including the floppy key) be stashed in a secure place?
After all, security holes don't go away just because you don't mention them!

>THAT is why they allow you to change the firmware password and smart
>SAs do just that...

I don't understand ... Since you cannot access magic mode unless:
(A) You know the firmware password, (or have the floppy key) and
(B) You have the Essential Utilities floppy #1,
why is magic mode considered a serious security hole? 

>>			If you want to mount things (like the hard
>> disk you are trying to fix) you have to do something like this:
>
>> fsys -m /tmp /dev/dsk/c1d0s0
>
>> And to unmount it:
>
>> fsys -u /dev/dsk/c1d0s0
>
>
>Yeah, they're cryptic, all right, but if any yabbo could do it, then any
>yabbo could crack your system easily.

IMHO, making system administration commands cryptic does nothing to improve
system security.  It does, however, make it more likely that legitimate
SAs will make stupid mistakes that can cause just as much damage as any
'yabbo'!

> ... Try the 'set' command when you're in
>the shell at M.Mode and you'll see lots of useful shell variables and
>shell functions for the more necessary functions.

This brings us back to Mr. Pellett's original point.
Why should he, or any administrator of a 3b2, be forced to reverse engineer
something like magic mode, when it would be simple for AT&T to
include that information in the documentation?
Adequate documentation might also solve the other problem mentioned in regards
to magic mode:
(From Mr. Pellett's original posting)
> ..., but I remember wasting a lot of time once long ago before
>I found out about it: even most of the AT&T tech reps on the hotline don't
>know about it.

True, magic mode can be used by a bad guy to cause problems, but then so
can a lot of standard UNIX commands, all of which ARE documented. 
Judging from postings on the net, magic mode is one of the best known
undocumented features of the 3b2 line.
You can bet your average bad guy knows about it, and not documenting the fact
that there is a security problem lurking in your Essential Utilities floppies
leaves sites that do not know magic mode exists vulnerable to all sorts of
abuse.

>
>
>> Flint Pellett, Global Information Systems Technology, Inc.
>
>Heff
-- 
Darryl Jacobs		Bell Laboratories, Denver
att!drumn!darryl 

Note: I won't even claim these views as mine.


