X-RDate: Mon, 23 Mar 1998 09:25:09 +0500 (ESK)
Date: Sun, 15 Mar 1998 18:32:26 +0100
From: Peter van Dijk <[email protected]>
To: [email protected]
Subject: [linux-security] bug in su (Slackware 3.4)
If sulog file logging is enabled in /etc/login.defs (shadowing installed!)
and su has never been used, a user can set his umask to 0 and then run su.
/var/log/sulog will then be created mode 666, which means the user can use su
to try lots of passwords and then, when done, do something like
cat /dev/null > /var/log/sulog
and clear out the logfile.
Same goes for sudo.
Note: everything will still be logged in syslog (unless disabled!)
Greetz, Peter.
------------------------------------------------------------------------------
'Selfishness and separation have led me to . Peter 'Hardbeat' van Dijk
to believe that the world is not my problem . network security consultant
I am the world. And you are the world.' . (yeah, right...)
Live - 10.000 years (peace is now) . [email protected]
------------------------------------------------------------------------------
6:25pm up 1 day, 4:22, 5 users, load average: 0.69, 0.22, 0.07
------------------------------------------------------------------------------
--
----------------------------------------------------------------------
Please refer to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
----------------------------------------------------------------------
To unsubscribe: mail -s unsubscribe [email protected] < /dev/null
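Added example, not part of Peter's post or of the Slackware su/sudo code: the script below reproduces the umask-inheritance problem he describes in a scratch directory (so it never touches the real /var/log/sulog), contrasts a naive "create the log with whatever umask the caller had" stand-in against a hardened one that forces its own umask first, and provides the audit check an admin can run against the real log paths. The functions naive_create_log, hardened_create_log, is_world_writable, attack_log_world_writable, hardened_log_world_writable and audit_logs are hypothetical names chosen for this example.

```shell
#!/bin/sh
# Added example (not from the original post): reproduces the umask problem
# described above in a scratch directory instead of the real /var/log/sulog,
# and shows the check an admin can run against the real log files.

WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# Hypothetical stand-in for a setuid tool that creates its log file without
# resetting the umask it inherited from the invoking user. A shell
# redirection creates the file as 0666 & ~umask, exactly like open(2) with
# mode 0666 would in the real program.
naive_create_log() {
    : > "$1"
}

# Hardened stand-in: force a restrictive umask in a subshell before the file
# is created, so whatever umask the caller set cannot widen the mode.
hardened_create_log() {
    ( umask 077; : > "$1" )
}

# Exit 0 if the file is writable by "other" (mode has the 002 bit), else 1.
# Uses find -perm, which is POSIX, rather than the platform-specific stat(1).
is_world_writable() {
    [ -n "$(find "$1" -prune -perm -002 2>/dev/null)" ]
}

# The scenario from the post: the user sets umask 0, then the naive tool
# creates its log for the first time. Exit 0 means the log came out 666,
# i.e. the user could later truncate it with "cat /dev/null > logfile".
attack_log_world_writable() {
    rm -f "$WORK/sulog.naive"
    ( umask 0; naive_create_log "$WORK/sulog.naive" )
    is_world_writable "$WORK/sulog.naive"
}

# Same attacker umask against the hardened tool. Exit 0 would mean the
# fix failed; the expected result is exit 1 (file created 600).
hardened_log_world_writable() {
    rm -f "$WORK/sulog.hardened"
    ( umask 0; hardened_create_log "$WORK/sulog.hardened" )
    is_world_writable "$WORK/sulog.hardened"
}

# Audit helper: print every existing path in the argument list that is
# world-writable; the exit status is the number found (0 = clean).
audit_logs() {
    bad=0
    for f in "$@"; do
        [ -e "$f" ] || continue
        if is_world_writable "$f"; then
            echo "world-writable: $f"
            bad=$((bad + 1))
        fi
    done
    return "$bad"
}

# Stand-alone run: reproduce both cases, then audit the scratch files the
# way you would audit /var/log/sulog on a real box.
if attack_log_world_writable; then
    echo "naive tool under umask 0: log is world-writable (user can truncate it)"
fi
if hardened_log_world_writable; then
    echo "hardened tool under umask 0: still world-writable (unexpected)"
else
    echo "hardened tool under umask 0: log is not world-writable"
fi
audit_logs "$WORK/sulog.naive" "$WORK/sulog.hardened"
```

On a real system the same check is `audit_logs /var/log/sulog` (or whatever path /etc/login.defs configures for the su log): a non-zero exit means an unprivileged user can empty the file and erase the record of their password guessing, and only the syslog copy Peter mentions would remain. The ownership half of the attack (root owns the file, the attacker is "other") cannot be reproduced without root, which is why the example asserts on the mode bits rather than attempting the truncation itself.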