On Wed, May 09, 2001 at 06:13:23PM +0200, Lorenzo De Vito wrote: > Yesterday, my RISC, with Linux installed, was corrupted by a command > launched from superuser by my brother (a mistake), the command was: > (root don't have password) ^^^^^^^^^^^^^^^^^^^^^^^^^^ WHY? <lart> this is exceedingly stupid </lart> > $ su > # /bin > # chmod 777 * > > at this point if I try to enter like user to root with "su": > > $ su > password: (??password, but there isn't password ??) > the the system crash... > > and if I try to print with "lp", the same result. thats because su and lp are setuid root, or rather used to be. now they are no longer suid, but are world writable (huge security hole). i thought lp was in /usr/bin though... > Is possible that the permit change was corrupted all system ? /bin doesn't have nearly as much as /usr/bin so this is fixable, but its still a bit of a pain. on my system the only suid binaries i have there are ping, ping6 and su. first step login as root on teh console, this should still work since it does not depend on suid binaries. then: cd /bin chmod 755 * # close that huge security hole chmod 4755 /bin/su /bin/ping /bin/ping6 you can also reinstall all affected packages by doing a dpkg -S on each file in /bin then apt-get --reinstall install <package> where <package> is the packagename returned by dpkg -S and next time set a password for root. for one thing an internet connected box has no business having ANY account with a null password much less root. and even on a home, non-networked box root should be passworded, you obviously have annoying relatives/friends, thats reason enough. -- Ethan Benson http://www.alaska.net/~erbenson/
Attachment:
pgpZQVyKeSoQF.pgp
Description: PGP signature