
Re: wtmp locking problem



maor@ece.utexas.edu (Guy Maor)  wrote on 06.03.97 in <87wwrlezkg.fsf@slip-64-2.ots.utexas.edu>:

> I was looking for an explanation of this denial of service attack.
> Maybe I'm being obtuse, but I can't figure out how changing the
> location of the flock'd file changes the ability for somebody to lock
> it and prevent other logins.  Surely it doesn't only apply if there's
> a world-writable wtmp?  That would be silly.

The denial of service attack, obviously, is that locking whatever the lock  
file is prevents people from logging in.

How the other lockfile helps prevent this is, however, unclear to me - if  
it works by removing rights to the file, those could just as well be  
removed from *tmp, IMHO.

As to an archive, have a look here:

-----BEGIN PGP SIGNED MESSAGE-----

As I am sure you noticed from my messages to linux-{security|alert}, I have
changed my primary email address from alex@bach.cis.temple.edu to
alex@yuriev.com. Linux Security WWW will be moved from bach.cis.temple.edu
in the nearest future and while I will continue to mirror pages to make them
accessible at http://bach.cis.temple.edu/linux/linux-security/, please start
using the master URL (which probably will be on one of the systems at my
apartment) as soon as it is announced. Red Hat Software will continue to
mirror Linux Security WWW at http://www.redhat.com/linux-info/security/.

The attached are the edited versions of my PGP public key that reflect the
change of email address.

Finally, I would like to say that I am really glad to be working with you
all and hope to see at least some of you at the Linux Expo 97.


Best wishes,
Alexander O. Yuriev
Co-moderator of linux-{security|alert} mailing lists.


MfG Kai
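
The reply above wonders whether the separate lock file helps by removing rights to it. The following is an added example, not part of the original thread: on a constructed temporary file it shows that Linux flock(2) grants an exclusive lock on a descriptor opened read-only, so any user who can open the file can hold the lock, and it includes an audit helper that flags files whose "other" permission bits allow opening. The function names and the temporary file are assumptions made for illustration.

```python
import fcntl
import os
import stat
import tempfile


def others_can_open(path):
    """Audit check: do the 'other' permission bits allow opening the file?"""
    mode = os.stat(path).st_mode
    return bool(mode & (stat.S_IROTH | stat.S_IWOTH))


def try_exclusive_lock(fd):
    """Attempt a non-blocking exclusive flock; report whether it was granted."""
    try:
        fcntl.flock(fd, fcntl.LOCK_EX | fcntl.LOCK_NB)
        return True
    except BlockingIOError:
        return False


def demo():
    # Constructed stand-in for a login lock file; not a real system path.
    tmp = tempfile.NamedTemporaryFile(delete=False)
    tmp.close()
    path = tmp.name
    try:
        os.chmod(path, 0o644)                  # world-readable, not world-writable
        exposed = others_can_open(path)
        holder = os.open(path, os.O_RDONLY)    # read-only is enough for flock
        waiter = os.open(path, os.O_RDONLY)    # separate open file description
        held = try_exclusive_lock(holder)
        blocked = not try_exclusive_lock(waiter)   # what a second locker would see
        os.close(holder)                       # closing the descriptor releases the lock
        recovered = try_exclusive_lock(waiter)
        os.close(waiter)
        os.chmod(path, 0o600)                  # only the owner may open, hence lock
        restricted = not others_can_open(path)
        return exposed, held, blocked, recovered, restricted
    finally:
        os.unlink(path)


if __name__ == "__main__":
    print(demo())
```
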

