Re: Strange command histories in hacked shell history

From: Bill Vermillion (bv_at_wjv.com)
Date: 12/18/04

    Date: Fri, 17 Dec 2004 21:25:56 -0500
    To: freebsd-security@freebsd.org


    Deep in the forest in the dark of night on Fri, Dec 17, 2004 at 20:11
    with a cackle and an evil grin Elvedin Trnjanin cast another eye of
    newt into the brew and chanted:

    > Bill Vermillion wrote:
    >

    > >Can anyone explain why su does not use the UID from the login
    > >instead of the EUID ? It strikes me as a security hole, but I'm no
    > >security expert so explanations either way would be welcomed.

    > Because su does exactly what it says. From the manual -
    >

    > DESCRIPTION
    >
    > *su* requests the password for /login/ and switches to that user and
    > group ID
    > after obtaining proper authentication.
    >

    I understand that after using Unix for about 2 decades.
    However in FreeBSD a user is supposed to be in the wheel group [if
    it exists] to be able to su to root.

    But if a person who is not in wheel su's to a user who is in wheel,
    then they can su to root - as the system sees them as the other
    user. This means that the 'wheel' security really is nothing more
    than a 2 password method to get to root.

    If the EUID of the original invoker is checked, even if they su'ed
    to a person in wheel, then they should not be able to su to root.

    I'm asking why is this permitted, or alternatively why is putting a
    user in the wheel group supposed to make things secure, when in
    reality it just makes it seem more secure - as there is only one
    more password to crack.

    > DESCRIPTION
    >
    > *sudo* allows a permitted user to execute a /command/ as the superuser
    > or another user, as specified in the /sudoers/ file. The real and
    > effective uid and gid are set to match those of the target user as
    > specified in the passwd file and the group vector is initialized based
    > on blah blah blah...

    And I use this for about two people who need extra levels to do
    certain things for their web sites.

    Bill

    -- 
    Bill Vermillion - bv @ wjv . com
    _______________________________________________
    freebsd-security@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-security
    To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
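The two-hop path discussed in this message (a login user outside wheel switching to a wheel member, then from that account to root) is visible in syslog, because each successful su writes its own record. The script below is an added example for this thread, not code from the list or from FreeBSD; it assumes the record shape "su: <user> to <target> on <tty>" (FreeBSD's su logs successful switches in that form via syslog), uses a constructed wheel membership set in place of /etc/group, and runs over constructed log lines. It reconstructs per-tty su chains and flags any root switch whose originating login user is not in wheel, which is exactly the case the wheel check alone does not see.

```python
import re
from collections import defaultdict

# Constructed wheel membership; on a real host this comes from /etc/group.
WHEEL = {"alice", "carol"}

# Assumed shape of a successful su record in syslog: "<user> to <target> on <tty>".
SU_RE = re.compile(r"su: (?P<frm>\S+) to (?P<to>\S+) on (?P<tty>\S+)")


def detect_su_chains(lines, wheel=WHEEL):
    """Return one finding per su hop that lands on root.

    Chains are rebuilt per tty: a hop whose source equals the target of the
    previous hop on the same tty is treated as a continuation, so
    "bob to alice" followed by "alice to root" becomes bob -> alice -> root.
    """
    chains = defaultdict(list)   # tty -> [origin, hop1, hop2, ...]
    findings = []
    for line in lines:
        m = SU_RE.search(line)
        if not m:
            continue
        frm, to, tty = m.group("frm", "to", "tty")
        chain = chains[tty]
        if chain and chain[-1] == frm:
            chain.append(to)          # continuation of an existing chain
        else:
            chains[tty] = chain = [frm, to]   # fresh chain from a login user
        if to == "root":
            origin = chain[0]
            findings.append({
                "origin": origin,
                "chain": list(chain),
                "tty": tty,
                "origin_in_wheel": origin in wheel,
            })
    return findings


def suspicious(findings):
    """Keep only root switches whose originating login user is not in wheel."""
    return [f for f in findings if not f["origin_in_wheel"]]


# Constructed sample log lines: alice and carol are in wheel, bob is not.
LOG = """\
Dec 17 20:11:03 host su: alice to root on /dev/ttyp0
Dec 17 20:12:40 host su: bob to alice on /dev/ttyp1
Dec 17 20:13:02 host su: alice to root on /dev/ttyp1
Dec 17 20:15:11 host su: carol to root on /dev/ttyp2
""".splitlines()


if __name__ == "__main__":
    for f in detect_su_chains(LOG):
        tag = "ok      " if f["origin_in_wheel"] else "INDIRECT"
        print(tag, f["tty"], " -> ".join(f["chain"]))
```

Matching hops by tty is a heuristic: two users sharing a tty in sequence, or a chain split across terminals, will not be joined, so treat the output as a triage list rather than proof. Running the block prints "INDIRECT /dev/ttyp1 bob -> alice -> root" alongside the two direct, in-wheel switches.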
    
