Re: itp: static bins / resolving static debian issues
On Wed, Aug 18, 1999 at 03:32:52PM -0700, Steve Lamb wrote:
> >> A better option is to make an alternative UID 0 user with sash that is not
> >> root. However, this introduces a security hole.
Wednesday, August 18, 1999, 3:46:38 PM, Justin wrote:
> > It introduces no security hole, and is a reasonable idea. (Or if it does
> > open a security hole, then there is a bug in Debian).
On Wed, Aug 18, 1999 at 04:00:48PM -0700, Steve Lamb wrote:
> The security hole is that if it is done automatically a default
> password, which will have to be publicly known, has to be assigned to
> this new user. Now, couple that with your idea of forcing the install
> on the ignorant and you now have a problem where a publicly known
> password to a root shell is on a machine that people may not know
> about.
No -- if I can decide what cases I wish to deal with and not deal with,
I'll have sash clone the root passwd entry as sashroot, then change the
shell to sash. [It would be nice if there were a well defined interface
for automated manipulations of the password file that supports this --
adduser does not, for example.]
> Furthermore it adds complexity in that the person now has to change
> two accounts' passwords to keep root secure. That isn't a bug, but
> that is a security problem.
Yes.
There are a number of issues (nis and pam being most of the rest of them)
and many of them are subtle.
--
Raul
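
An added example, not part of the original message or of sash: one way an administrator could audit for the two concerns raised in this thread, a second UID 0 account that nobody knows about and a cloned entry whose password has drifted from root's. The function names and the sample passwd/shadow contents are constructed for illustration; treating a missing shadow entry as locked is an assumption.

```python
# Audit passwd/shadow text for extra UID 0 accounts and password drift from root.
# The sample account data is constructed; it is not taken from any real system.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
sashroot:x:0:0:root:/root:/bin/sash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
"""
SAMPLE_SHADOW = """\
root:$1$NEWSALT$constructedhashB:10821:0:99999:7:::
sashroot:$1$OLDSALT$constructedhashA:10800:0:99999:7:::
daemon:*:10800:0:99999:7:::
"""


def parse_colon_file(text, min_fields):
    """Yield field lists from passwd-style text, skipping comments and short lines."""
    for line in text.splitlines():
        fields = line.strip().split(":")
        if len(fields) >= min_fields and not line.startswith("#"):
            yield fields


def audit_uid0(passwd_text, shadow_text):
    """Return one finding per UID 0 account other than root."""
    shadow = {f[0]: f[1] for f in parse_colon_file(shadow_text, 2)}
    accounts = {}
    for f in parse_colon_file(passwd_text, 7):
        # "x" means the hash lives in shadow; a missing shadow entry is
        # treated as locked ("!"), which is an assumption of this example.
        pw = shadow.get(f[0], "!") if f[1] == "x" else f[1]
        accounts[f[0]] = (f[2], f[6], pw)
    root_pw = accounts["root"][2] if "root" in accounts else None
    findings = []
    for name, (uid, shell, pw) in accounts.items():
        if uid != "0" or name == "root":
            continue
        findings.append({
            "name": name,
            "shell": shell,
            "empty_password": pw == "",
            "locked": pw.startswith(("!", "*")),
            "differs_from_root": pw != root_pw,
        })
    return findings


if __name__ == "__main__":
    for finding in audit_uid0(SAMPLE_PASSWD, SAMPLE_SHADOW):
        print(finding)
```

In the constructed sample, root's password was changed after the clone, so sashroot still accepts the old one; a freshly cloned entry carries the same hash and salt as root and reports no drift.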