Re: [Full-Disclosure] Partial Solution to SUID Problems

From: Todd Burroughs (todd_at_hostopia.com)
Date: 12/07/03

    To: Valdis.Kletnieks@vt.edu
    Date: Sun, 7 Dec 2003 03:28:15 -0500 (EST)
    
    

    > Sometimes, old and silly rules aren't just about security.
    >
    > The *real* reason for the "always su from a user account" rule isn't to stop
    > exploits. It's so you have an audit trail of who did what.

    This is exactly why I need su. We have about 20 people with root access,
    only about 8 or 10 that regularly change things. You need an audit trail,
    we all make mistakes and it's a lot easier and faster (really important
    on a production system) if you find out who did it and talk to them.

    If you only have a couple admins, direct root logins should work fine.
    It's still nice to know what user logged in, if that account is
    compromised, at least you know. With root logins, you don't know who
    is logging in.

    I agree that it doesn't add much in the way of security, but I've found
    that most problems are caused by the admins. I know I've done my share
    and I've gotten that call saying "what the f*** did you just do to ns2?".
    (Usually, I fix things I break before anyone notices though ;-)

    Also, I haven't looked at the source for su, but it *should* be a fairly
    simple program and therefore easier to secure. (compare to X, kernel, etc.)

    Todd

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html
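
The audit-trail argument above, as an added example that is not part of the original message: a small Python parser that separates root sessions attributable to a named account (via su) from direct root logins, which carry only a source address. The log lines are constructed in the common Linux PAM/sshd syslog style, which is an assumption, as are the account names and addresses.

```python
import re

# Constructed sample in the common Linux PAM/sshd syslog style (assumed format);
# account names and addresses are made up for the example.
SAMPLE_LOG = """\
Dec  7 03:01:12 ns2 sshd[411]: Accepted password for alice from 192.0.2.10 port 40112 ssh2
Dec  7 03:01:40 ns2 su: pam_unix(su:session): session opened for user root by alice(uid=1001)
Dec  7 03:05:02 ns2 sshd[498]: Accepted publickey for root from 192.0.2.11 port 40977 ssh2
Dec  7 03:09:30 ns2 su: pam_unix(su:auth): authentication failure; logname=bob uid=1002 euid=0 tty=pts/3 ruser=bob rhost=  user=root
Dec  7 03:09:41 ns2 su: pam_unix(su:session): session opened for user root(uid=0) by bob(uid=1002)
"""

PREFIX = r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s(?P<host>\S+)\s"
SU = r"su(?:\[\d+\])?: pam_unix\(su(?:-l)?:"
# Both the older "user root by alice(uid=N)" and newer "user root(uid=0) by ..." forms.
SU_OPEN = re.compile(PREFIX + SU + r"session\): session opened for user root"
                     r"(?:\(uid=0\))? by (?P<who>[^\s(]+)\(uid=\d+\)")
SU_FAIL = re.compile(PREFIX + SU + r"auth\): authentication failure;"
                     r".*\bruser=(?P<who>\S+).*\buser=root\b")
ROOT_LOGIN = re.compile(PREFIX + r"sshd\[\d+\]: Accepted \S+ for root from (?P<src>\S+)")
RULES = (("su_to_root", SU_OPEN), ("su_failed", SU_FAIL), ("direct_root_login", ROOT_LOGIN))


def root_audit_trail(log_text):
    """Return one event per line that grants or attempts root access."""
    events = []
    for line in log_text.splitlines():
        for kind, rx in RULES:
            m = rx.search(line)
            if m:
                g = m.groupdict()
                events.append({"time": g["ts"], "host": g["host"], "kind": kind,
                               "who": g.get("who"), "source": g.get("src")})
                break
    return events


def unattributed(events):
    """Root sessions with no named account behind them."""
    return [e for e in events if e["kind"] == "direct_root_login"]


if __name__ == "__main__":
    for e in root_audit_trail(SAMPLE_LOG):
        print(e["time"], e["host"], e["kind"], e["who"] or "?? (from %s)" % e["source"])
```
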

