Re: [Full-Disclosure] Partial Solution to SUID Problems
Date: Sat Dec 06 2003 - 19:59:22 CST
On Sun, 07 Dec 2003 01:59:50 +0100, Michal Zalewski said:
> The way I handle this is creating several :0:0: accounts with separate
> passwords. After login, they will all see themselves as the first user
> with :0:0 in /etc/passwd, but utmp/wtmp/lastlog entries and syslog
> messages would refer to the original login account.
That mostly works too, except many shops like to say "exactly 1 UID 0 account"
in /etc/passwd - it's a lot easier to flag "there must be exactly one" than
"there should be exactly as many as however many people have root access
this week". Makes lots of fun at 3AM when the system-check cronjob
runs and says there's 6 users where there should be 5 :)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- application/pgp-signature attachment: stored
This archive was generated by hypermail 2.1.8 : Sat Dec 06 2003 - 21:01:00 CST
