SECURITY Concerns for Unix systems
Bob Ankeney
bob at reed.UUCP
Thu Apr 11 01:44:27 AEST 1991
A recently posted program brings up a common security problem with Unix
systems - that of read permissions on disk devices in /dev. The posted program
allows files to be read from any filesystem with read permission to the user.
The filesystem need not be mounted. Now might be a good time to check
permissions on your system!
Speaking of permissions, I've noticed a number of Unix systems with mode
777 on the root directory! This is an easy in for anyone wanting super-user
access. I've noticed this on both AT&T and NCR unix boxes.
----------------------------------------------------------------------
Bob Ankeney | "Yield and overcome. |
...!tektronix!reed!bob | Bend and be straight. |
...!tektronix!bob at reed.BITNET | Empty and be full." - Lao Tzu |
----------------------------------------------------------------------
More information about the Comp.unix.admin
mailing list