RE: [fw-wiz] Stanford break in

From: R. DuFresne (
Date: 04/23/04

    To: Victor Williams <>
    Date: Thu, 22 Apr 2004 19:58:11 -0400 (EDT)

    On Thu, 22 Apr 2004, Victor Williams wrote:

    > I'm still wondering why anyone would put their password file in plain view
    > of anyone that logs in...but maybe I missed something...
    > Sticky bits and chmod/chown are your friend. It's a pretty trivial deal to
    > lock someone in a chmod "jail" on any Unix-like OS current within the last 8
    > years. They've even got filesystem and directory level ACLs now! My advice
    > to anyone is "use them...liberally."

    Locking someone's account from reading the /etc/passwd file prevents login
    from doing the thing it does, and thus the user is prevented from gaining
    access. Chroot'ing them to a jail is not too tough a task, but, then the
    user won't accomplish too much work on the system without great efforts
    being extended. An OS these days lacking a shadow/passwd setup is vastly
    behind the times. TCB is not for everyone and every situation.


    Ron DuFresne

            admin & senior security consultant:
    "Cutting the space budget really restores my faith in humanity.  It
    eliminates dreams, goals, and ideals and lets us get straight to the
    business of hate, debauchery, and self-annihilation."
                    -- Johnny Hart
    testing, only testing, and damn good at it too!
    firewall-wizards mailing list
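
The point made in the reply above (passwd has to stay readable, and the shadow/passwd split is what keeps hashes out of view), as an added example that is not part of the original message: a Python audit over passwd(5)-format text and the two files' mode bits. The sample entries, function names and finding strings are constructed for illustration.

```python
import stat

# Constructed sample in passwd(5) format: name:passwd:uid:gid:gecos:home:shell
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/sh
alice:x:1000:1000:Alice:/home/alice:/bin/sh
legacy:$1$CONSTRUCTED$notarealhashvalue000000:1001:1001::/home/legacy:/bin/sh
nopass::1002:1002::/home/nopass:/bin/sh
"""

def audit_passwd(text):
    """Return (user, problem) pairs for entries that do not defer to shadow."""
    findings = []
    for n, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line[0] in "#+-":   # comments, NIS compat lines
            continue
        fields = line.split(":")
        if len(fields) != 7:
            findings.append((f"line {n}", "malformed entry"))
            continue
        user, pw = fields[0], fields[1]
        if pw == "x":                # hash lives in the shadow file
            continue
        if pw == "":
            findings.append((user, "empty password field"))
        elif pw[0] not in "*!":      # '*' / '!' mark a locked account
            findings.append((user, "password hash in world-readable passwd"))
    return findings

def audit_modes(passwd_mode, shadow_mode):
    """Check the permission split: passwd readable by all, shadow not."""
    findings = []
    if not passwd_mode & stat.S_IROTH:
        findings.append("passwd is not world-readable")
    if passwd_mode & (stat.S_IWGRP | stat.S_IWOTH):
        findings.append("passwd is writable by group or other")
    if shadow_mode & (stat.S_IROTH | stat.S_IWOTH):
        findings.append("shadow is accessible to other")
    return findings

if __name__ == "__main__":
    for who, problem in audit_passwd(SAMPLE_PASSWD):
        print(f"{who}: {problem}")
    # Constructed modes: 0644 passwd and 0640 shadow is the usual split.
    for problem in audit_modes(0o644, 0o640) or ["modes ok"]:
        print(problem)
```

To check a live system, pass `stat.S_IMODE(os.stat(path).st_mode)` for each file to `audit_modes`.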
