
Re: [cobalt-security] Root



Anybody can su to root as long as they are in the 'wheel' group - you can
add yourself into the group by editing the '/etc/groups' file, or through
the web interface (I think).

On Fri, 14 Jul 2000, Frank Smith wrote:

> On the RAQ2 at least it seems you can only su to root if you are
> logged in as admin.  Are you always trying to su from the same
> user?
>    If you don't have . in your path you are much less likely to
> execute an unexpected program.
> 
> Frank
> 
> --On 07/14/00 08:46:44 -0600 David Love <dlove@xxxxxxxxxxxxxxxxxxxxx> wrote:
> 
> >> How is it that once in a while, I lost root access (when I su to root, it
> >> gives wrong password).  But, when I reboot the server, and su again it
> >> works.  Then, after a while (a couple of days) it gives the same problem
> >> again.  Was our server hacked, was it a bug?
> >
> >
> > First thing that comes to mind:  When you su, do you specify the full
> > path (/bin/su) or just the command?  If the latter, it's possible you're
> > picking up some other su command (e.g., a shell-script some user created
> > that tries to capture an unsuspecting admin's password). Always specify
> > the full path for su.
> >
> > I can't think of any other reason, other than bad typing, that su would
> > randomly fail.
> >
> >   - Dave
> >
> >
> > _______________________________________________
> > cobalt-security mailing list
> > cobalt-security@xxxxxxxxxxxxxxx
> > http://list.cobalt.com/mailman/listinfo/cobalt-security
> 
> 
> 
> Frank Smith                                          fsmith@xxxxxxxxxxx
> Systems Administrator                               Voice: 512-374-4673
> Hoover's Online                                       Fax: 512-374-4501
> 

-- 

gossi the dog

email: gossi@xxxxxxxxxxxxxx
irc:   gossi in #markthomas (efnet / irc.ins.net.uk)
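
Added example, not part of the original thread: a shell check for the two risks raised above, a PATH entry that resolves to the current directory (or is writable by other users) and a bare su that resolves to something other than the trusted binary. The function names and the demo's temporary directories are assumptions made for illustration.

```sh
#!/bin/sh
# Added example, not from the thread; function names are hypothetical.
# path_findings PATH_STRING: print risky entries, return 1 if any exist.
path_findings() {
    rest="$1:" bad=0
    while [ -n "$rest" ]; do
        dir=${rest%%:*}; rest=${rest#*:}
        case $dir in
            ''|.) echo "current-directory entry: '$dir'"; bad=1 ;;
            /*)   [ -d "$dir" ] || continue
                  # Column 6 is group write, column 9 is world write.
                  case $(ls -ldL "$dir" | cut -c1-10) in
                      ?????w????|????????w?) echo "writable by others: $dir"; bad=1 ;;
                  esac ;;
            *)    echo "relative entry: $dir"; bad=1 ;;
        esac
    done
    return $bad
}

# first_match CMD PATH_STRING: print the file a bare CMD would execute.
first_match() {
    rest="$2:"
    while [ -n "$rest" ]; do
        dir=${rest%%:*}; rest=${rest#*:}
        [ -n "$dir" ] || dir=.          # an empty entry means "."
        if [ -f "$dir/$1" ] && [ -x "$dir/$1" ]; then
            echo "$dir/$1"; return 0
        fi
    done
    return 1
}

# shadowed CMD TRUSTED PATH_STRING: succeed when bare CMD is not TRUSTED.
shadowed() {
    hit=$(first_match "$1" "$3") || return 1
    [ "$hit" != "$2" ]
}
# Constructed demo: temp dirs stand in for /bin and a user's directory.
demo() {
    t=$(mktemp -d) || return 2
    mkdir -m 755 "$t/bin" "$t/home"
    for f in "$t/bin/su" "$t/home/su"; do echo '#!/bin/sh' > "$f"; chmod 755 "$f"; done
    ( cd "$t/home" || exit 2
      path_findings ".:$t/bin" || true
      shadowed su "$t/bin/su" ".:$t/bin" && echo "bare su runs: $(first_match su ".:$t/bin")" )
    rm -rf "$t"
}
if [ "${1:-}" = demo ]; then demo; fi
```

Run path_findings "$PATH" from the account that uses su; where /bin is a symlink to another directory, pass the resolved location of su as TRUSTED so the string comparison in shadowed holds.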