RE: NFS Security Question
From: Nieusma, Jeff (nieusma@storageway.com)Date: 08/13/01
- Previous message: Thorsten Sideb0ard: "Re: NFS Security Question"
- Maybe in reply to: McGee Olson: "NFS Security Question"
- Next in thread: Matthew Collins: "Re: NFS Security Question"
- Next in thread: Darren Moffat: "RE: NFS Security Question"
- Reply: Matthew Collins: "Re: NFS Security Question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Message-ID: <116401DEA309D511828000508BD3FB671DA2C8@warren-mail.corp.storageway.com> From: "Nieusma, Jeff" <nieusma@storageway.com> To: focus-sun@securityfocus.com Subject: RE: NFS Security Question Date: Mon, 13 Aug 2001 14:31:35 -0700
One way to deal with that is don't give anyone the root password on any of
your machines. Use sudo to give people root access. Create a policy that
says people cannot become root (sudo su, sudo csh, sudo ksh, etc...) or any
other user without permission, they will be subject to disciplinary actions
up to, and including, termination. Then setup syslog on all your machines to
log to a limited access system, and review your logs.
Yes, this is a lot of steps, and some of them are political. That's
unavoidable. Anyone with root access (via the root password, or with sudo
access) will have the ability to become another user and/or access files
that they shouldn't. If you have appropriate policies in place and educate
your users about expected privacy, you have done all you can. If it's a big
problem, review the logs and find an "example" to discipline.
Good luck.
- Jeff Nieusma <nieusma@storageway.com>
Lead Security Engineer
StorageWay
> -----Original Message-----
> From: Neil Dickey [mailto:neil@geol.niu.edu]
>
> McGee Olson <molson@crystal.cirrus.com> wrote asking:
>
> >So, the scenario goes like this. You have two users "joe" and "bob".
> >You have two machines "foo" and "bar". "foo" and "bar" both satisfy
> >(3) and (4) above, and each has a different root password. "joe" has
> >root on "foo", and "bob" has root on "bar". "joe" logs in as root on
> >"foo", and then he executes the line "su - bob". Now, "joe" is logged
> >in as "bob" and has all the permissions associated with the "bob"
> >account.
> >
> >Is there anyway to stop this from happening?
>
> I don't claim to be an expert, just a sysop for a number of years,
> but I don't think there's a way to do that with NFS. We've had a
> problem like this that involved violation of AUPs, rather like your
> hypothetical situation, and the only fix possible under the circum-
> stances was to eliminate the NFS connection, among a number of other
> things. Briefly stated, the offending machine was isolated from the
> rest of our network.
>
> The only other possible solutions, as I see it, are to replace "joe"
> with someone you can trust, or get rid of the "su" command, or both.
> These options were either not available or were insufficiently secure
> in our situation.
>
> If anyone has a better approach, I'd sure like to know it.
- Previous message: Thorsten Sideb0ard: "Re: NFS Security Question"
- Maybe in reply to: McGee Olson: "NFS Security Question"
- Next in thread: Matthew Collins: "Re: NFS Security Question"
- Next in thread: Darren Moffat: "RE: NFS Security Question"
- Reply: Matthew Collins: "Re: NFS Security Question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
