Ideas on UNIX security
jhh at ihldt.UUCP
jhh at ihldt.UUCP
Wed Jun 22 22:43:14 AEST 1983
Even worse than finding setuid files in bizarre places, is modifying
programs that root will use often. One approach could be to
write a version of ls or l that will change the owner of a file
to root, plus set the SUID bit on the file when it runs.
This way, the person who broke in could re-crack security any time
he pleased. Since the chown and chmod calls would only work
if the files existed, the person could create the file,
wait for a super-user to execute ls or l, have his way with
the system, and remove the evidence when done. The hardest
place to clean up would probably be the process accounting
files, plus remembering to change the modification times
when needed.
John Haller
Aside to rfs - I don't have the time or patience to do this, don't worry.
More information about the Comp.unix.wizards
mailing list