How secure is UNIX? (Re: Stupid man pages)
Andy DeFaria
defaria at hpclapd.HP.COM
Sat Jun 9 02:18:07 AEST 1990
>/ hpclapd:comp.unix.questions / jik at athena.mit.edu (Jonathan I. Kamens) / 2:46 pm Jun 6, 1990 /
>In article <720015 at hpclapd.HP.COM>, defaria at hpclapd.HP.COM (Andy
>DeFaria) writes:
>|> I'm no security guru on Unix but it seems to me that the way around this
>|> problem would be to remove this silly restriction and allow ftp (and
>|> others?) to send encrypted passwords to the other host.
>
> I thought I already explained this. Sigh.
>
> Let's assume that what you said is possible. In that case, I do the
>following:
>
>1. Log into your machine.
>2. Grab the encrypted password for root out of the (publicly readable)
                                                     ^^^^^^^^^^^^^^^^^
> /etc/passwd.
>3. "Ftp localhost".
>4. Use username "root", and the encrypted password I've already snarfed.
>
>Presto, I've just ftp'd as root, without ever knowing the root password!
>
> There is a fundamental concept you're missing -- the act of encrypting
>the password and comparing it to the password in /etc/passwd is the
>authentication; if you don't do the encryption, you haven't proven anything.
>
> (How many times am I going to have to explain this?)
>
>Jonathan Kamens USnail:
>MIT Project Athena 11 Ashford Terrace
>jik at Athena.MIT.EDU Allston, MA 02134
>Office: 617-253-8495 Home: 617-782-0710
>----------
I thought I explained this. IMHO /etc/passwd should NOT be publicly
readable. If this were true then you couldn't ftp as root because you
wouldn't even know the encrypted password, which, IMHO, you shouldn't have
access to.
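
The argument in the quoted message, as an added example that is not part of either original post: a server that accepts an already-encrypted value treats the stored hash itself as the password. The function names, the sample password and the use of PBKDF2 as a stand-in for crypt(3) are assumptions made for illustration.

```python
import hashlib
import hmac

# Stand-in for crypt(3) (assumption: the systems in the thread used DES crypt).
def hash_password(password: str, salt: bytes) -> str:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 10_000).hex()

# Constructed sample of a world-readable password database.
SALT = b"ab"
PASSWD = {"root": (SALT, hash_password("correct horse", SALT))}

def login_server_hashes(user: str, submitted_password: str) -> bool:
    """Server receives the password and performs the hashing itself."""
    entry = PASSWD.get(user)
    if entry is None:
        return False
    salt, stored = entry
    candidate = hash_password(submitted_password, salt)
    return hmac.compare_digest(candidate.encode(), stored.encode())

def login_client_sends_hash(user: str, submitted_hash: str) -> bool:
    """Hypothetical scheme proposed in the thread: client sends the encrypted value."""
    entry = PASSWD.get(user)
    if entry is None:
        return False
    _, stored = entry
    # No hashing happens here, so knowing the stored value is enough.
    return hmac.compare_digest(submitted_hash.encode(), stored.encode())

def demo() -> dict:
    # The value any local user could copy from a readable file,
    # without ever learning the password behind it.
    _, copied_hash = PASSWD["root"]
    return {
        "server hashes, real password": login_server_hashes("root", "correct horse"),
        "server hashes, copied hash": login_server_hashes("root", copied_hash),
        "client sends hash, copied hash": login_client_sends_hash("root", copied_hash),
    }

if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case}: {'accepted' if ok else 'rejected'}")
```
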