Getting rid of the root account
John F. Haugh II
jfh at rpp386.Dallas.TX.US
Fri Jun 23 23:35:56 AEST 1989
In article <12148 at bloom-beacon.MIT.EDU> jfc at athena.mit.edu (John F Carr) writes:
>In article <1566 at mcgill-vision.UUCP> mouse at mcgill-vision.UUCP (der Mouse) writes:
>Before allowing mount access to someone, make sure that all your system
>directories are opened by some process (so you can't mount over them).
>Otherwise you may find somebody else's /etc mounted over your own (for
>example), at which point nosuid is no longer effective (there are a number
>of less obvious directories, depending on your system).
I was laying in bed thinking exactly this just last night ...
I had long wondered why login should be in /etc rather than /bin and
overmounting system directories makes the perfect case. I might
remember to protect /etc from being overmounted; will I remember to
protect /bin and others where system programs reside?
This problem of trusted programs executing non-trusted programs by
accident causes UNIX to be inherently untrustable. No trusted program
should ever execute any untrusted program. UNIX completely lacks this
concept.
--
John F. Haugh II +-Button of the Week Club:-------------
VoiceNet: (512) 832-8832 Data: -8835 | "AIX is a three letter word,
InterNet: jfh at rpp386.Cactus.Org | and it's BLUE."
UucpNet : <backbone>!bigtex!rpp386!jfh +--------------------------------------
More information about the Comp.unix.wizards
mailing list