RE: [fw-wiz] Stanford break in

From: R. DuFresne (dufresne_at_sysinfo.com)
Date: 04/23/04

  • Next message: Chuck Vose: "Re: [fw-wiz] Waning Security" 
    To: Victor Williams <vbwilliams@essvote.net>
Date: Thu, 22 Apr 2004 19:58:11 -0400 (EDT)

    On Thu, 22 Apr 2004, Victor Williams wrote:

    > I'm still wondering why anyone would put their password file in plain view
    > of anyone that logs in...but maybe I missed something...
    >
    > Sticky bits and chmod/chown are your friend. It's a pretty trivial deal to
    > lock someone in a chmod "jail" on any Unix-like OS current within the last 8
    > years. They've even got filesystem and directory level ACLs now! My advice
    > to anyone is "use them...liberally."

    locking someone's account from reading the /etc/passwd file prevents login
    from doing the thing it does, and thus the user is prevented from gaining
    access. Chroot'ing them to a jail is not too tough a task, but, then the
    user won't accomplish too much work on the system without great efforts
    being extended. An Os these days lacking a shadow/passwd setup is vastly
    behind the times. TCB is not for everyone and every situation.

    Thanks,

    Ron DuFresne 

    -- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        admin & senior security consultant:  sysinfo.com
                        http://sysinfo.com
"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
                -- Johnny Hart
testing, only testing, and damn good at it too!
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
  • Next message: Chuck Vose: "Re: [fw-wiz] Waning Security"

    Relevant Pages

    • Hey max, did you know...?
      ... that i once had a friend whose nickname was 'Sticky'? ... It is the honest njun truth. ...
      (rec.sport.pro-wrestling)
    • Thank you Lizzy...I am new
      ... Lizzy is a friend of mine, we met a few years ago, almost 3, she sent ... time to be my sticky quit.. ...
      (alt.support.stop-smoking)