Search the FAQ Archives

3 - A - B - C - D - E - F - G - H - I - J - K - L - M
N - O - P - Q - R - S - T - U - V - W - X - Y - Z
faqs.org - Internet FAQ Archives

comp.sys.3b1 FAQ part2
Section - 8.6. How can the UNIX PC be made more secure?

( Part1 - Part2 - Single Page )
[ Usenet FAQs | Web FAQs | Documents | RFC Index | Cities ]


Top Document: comp.sys.3b1 FAQ part2
Previous Document: 8.5. What do I do when the machine hangs at the boot message?
Next Document: 8.7. How do I access the expert menus in the diagnostics?
See reader questions & answers on this topic! - Help others by sharing your knowledge
	The best way to not worry about security is to not allow users
on your machine that aren't trusted.  Especially users that have shell
access.

	There are several serious problems with the UNIX PC's
software, specifically the User Agent (UA).  The UA (the windowing
environment, also known as the Office environment) has some serious
security problems.  The best solution, of course, would be to remove
the entire UA system from your machine.  This isn't the easiest
procedure (since there are lots of programs scattered all around the
disk that are tied into the UA) and probably not the most desirable
for some novice users.  What's so wrong with it?  Well, look in your
trusty manuals, in section 4.  The manual UA(4) states (talking about
UA configuration files):

	[...] (page 4)
	EXEC and SH have a number of variations, which are used depending
	on the intelligence of the process being invoked. 
	[...]
	The variations are specified via option characters as follows:

		-n	Run the process without a window
		-w	Run the process without waiting
		-d	Run the process in a dimensionless window
		-p	Run the process with superuser privileges
	[...]

	The "-p" option being the problem.  For a little experiment to
show to a security conscious user (who still likes the UA), start out
in a non-privileged user account.

	First create a file in your home directory called "Office"
with the following lines:

		Name=Super User UNIX
		Default = Run
		Run=EXEC -pwd $SHELL

	Then type:

		$ exec /usr/bin/ua

	Select the new object that you just created ("Super User
UNIX") and then at the "#" prompt type "id" for the effect.

		# id
		uid=0(root) gid=0(root)

	OK, convinced?

	If you really *LOVE* the UA, you can do something about this.
Protect the programs /usr/lib/ua/uasetx and /usr/lib/ua/uasig so they
are not executable by "other" and only executable by a "trusted" group.

    -rwsr-x---  1 root    trusted    4268 Jan  1  1970 /usr/lib/ua/uasetx
    -rwsr-x---  1 root    trusted    2068 Jan  1  1970 /usr/lib/ua/uasig

	Another problem involves UA mail-handling.  Send yourself some
electronic mail.  Nothing elaborate is necessary.

		$ mail myself < /dev/null

	Select the [mailbox] icon when it comes up, and then when
you're in /bin/mail, at the "?" prompt type "! /bin/sh".  Poof!  Root
shell.

		# id
		uid=0(root) gid=0(root)
		# pwd
		/etc/lddrv

	This last problem can easily be corrected with Lenny
Tropiano's "email" program that is archived on OSU as "email.sh.Z".
That program sets the correct user id, group id, and home directory.

	The other things to look for are covered in lots of books on
UNIX security: directories with 777 permissions (world writable),
setuid programs that aren't very security conscious, etc.

User Contributions:

Comment about this article, ask questions, or add new information about this topic:

CAPTCHA




Top Document: comp.sys.3b1 FAQ part2
Previous Document: 8.5. What do I do when the machine hangs at the boot message?
Next Document: 8.7. How do I access the expert menus in the diagnostics?

Part1 - Part2 - Single Page

[ Usenet FAQs | Web FAQs | Documents | RFC Index ]

Send corrections/additions to the FAQ Maintainer:
jbunch@nyx.nyx.net (John B. Bunch)





Last Update March 27 2014 @ 02:11 PM