Re: pppd and setuidness (was Re: 3 Questions)

To: debian-user@lists.debian.org
Subject: Re: pppd and setuidness (was Re: 3 Questions)
From: Richard Kettlewell <richard@greenend.org.uk>
Date: Tue, 18 Jun 96 01:22:23 +0100 (BST)
Message-id: <[🔎] cNNvq+6Z4g@sfere.elmail.co.uk>
In-reply-to: <9606171315.AA21005@sun10.sep.bnl.gov.sep>
References: <[🔎] m0uVQhZ-0002b4C@chiark.chu.cam.ac.uk> <9606171315.AA21005@sun10.sep.bnl.gov.sep>

>>One could make the uid of the account zero to achieve this without
>>making pppd setuid, though I can imagine this making people jump up
>>and down about security - can anyone think of an attack on this?
>
>If the user figures a way to change their shell, you're dead. 

Quite so.  Similarly if there's a way of running a shell under a uid
provided you know the appropriate password.  AFAICT su is safe against
this as long as pppd (or whatever script one uses) isn't in
/etc/shells.

I'd be very wary indeed of actually *trying* this!

- Richard

-- 
http://www.elmail.co.uk/staff/richard/
GCS d- s+:- a-- C++ ULVS+++$ P+++ L++ E++ W(++,--) N(++,+) o? K w---
O? M- V? PS(+,+++) PE Y+ PGP+ t- 5++ X+@ R tv--- b++>++++ DI+ D+ G e++
h r% y++

Reply to:

References:
- pppd and setuidness (was Re: 3 Questions)
  - From: Richard Kettlewell <richard@greenend.org.uk>

Prev by Date: Re: critical :) nethack question
Next by Date: Re: 3 Questions
Previous by thread: Re: pppd and setuidness (was Re: 3 Questions)
Next by thread: Re: 3 Questions
Index(es):
- Date
- Thread