interesting feature on AMIX..
Frank McPherson
frank at hfsi.UUCP
Mon Jun 24 01:07:36 AEST 1991
In article <1991Jun21.201119.722 at ckctpa.UUCP> crash at ckctpa.UUCP (Frank J. Edwards) writes:
>Suppose I make a floppy on my machine and put a copy of ksh on it. Then
>I make that ksh set-uid to root and mount it on your system. I execute
>that ksh and viola! I get the "#" prompt...
>
Would you have to meddle around with the KSH to make it set-uid to root?
My point here is, if you started up a ksh, even if from your own file
system, shoudn't it disallow you to setuid to root? If not, that is a
pretty serious security hole in the way we're doing things. I'm not
sure that it really MATTERS, because the machines aren't incredibly
important anyway, and there aren't any overwhelming reasons for someone
to want root access on one of them, other than just saying they did it.
>Actually, the solution presented by Steve Warren is much sturdier: the
>same script would search the inodes looking for set-uid programs. If
>any were found, the disk would not be mounted.
>
That makes good sense.
-- Frank McPherson INTERNET: emcphers at manu.cs.vt.edu --
More information about the Comp.unix.amiga
mailing list