
Re: [cobalt-security] POSSIBLE MAJOR SECURITY BREACH



Barbara wrote:

> Luckily I don't allow shell access so those files
> can't be viewed.

False sense of security.  Very easy to write cgi scripts to read them.

> But this begs the question WHY on
> earth would the official Cobalt Restore CD(s) be
> setting up restored boxes with risky permissions on
> the shadow password file?

I never said the restore CDs were doing it.  I don't know that they
are.  I don't think they are.

I originally thought it was the latest kernel patches or the latest
updates, but I'm not sure now.  An associate tells me he thinks it's
just RUNNING CMU.

We don't know yet.  Everything else is premature.

Jeff
-- 
Jeff Lasman <jblists@xxxxxxxxxxxxx>
Linux and Cobalt/Sun/RaQ Consulting
nobaloney.net
P. O. Box 52672, Riverside, CA  92517
voice: (909) 778-9980  *  fax: (702) 548-9484
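
A defender-side check for the condition discussed in this thread, added here as an example and not part of the original message: working from the mode bits alone, it reports whether a non-root account, such as the one CGI scripts run under, can read the shadow password file. The file paths and account names are assumptions, and POSIX ACLs are not considered.

```python
import os
import pwd
import stat

# Assumed paths and account names; the thread names only "the shadow password file".
PASSWORD_FILES = ["/etc/shadow", "/etc/gshadow"]
CGI_ACCOUNTS = ["nobody", "httpd", "apache", "www-data"]

def can_read(st, uid, gids):
    """Apply the Unix owner/group/other read check for one account (ACLs ignored)."""
    if uid == 0:
        return True                      # root bypasses the mode bits
    if uid == st.st_uid:
        return bool(st.st_mode & stat.S_IRUSR)
    if st.st_gid in gids:
        return bool(st.st_mode & stat.S_IRGRP)
    return bool(st.st_mode & stat.S_IROTH)

def audit(paths, accounts):
    """Return (path, octal mode, account) for each non-root account that can read a path."""
    findings = []
    for path in paths:
        try:
            st = os.stat(path)
        except FileNotFoundError:
            continue                     # file not present on this host
        for name, (uid, gids) in sorted(accounts.items()):
            if uid != 0 and can_read(st, uid, gids):
                findings.append((path, oct(stat.S_IMODE(st.st_mode)), name))
    return findings

def local_accounts(names):
    """Map each account name that exists on this host to (uid, set of gids)."""
    found = {}
    for name in names:
        try:
            pw = pwd.getpwnam(name)
        except KeyError:
            continue                     # account not defined here
        found[name] = (pw.pw_uid, set(os.getgrouplist(name, pw.pw_gid)))
    return found

if __name__ == "__main__":
    results = audit(PASSWORD_FILES, local_accounts(CGI_ACCOUNTS))
    for path, mode, name in results:
        print(f"RISK: {path} (mode {mode}) is readable by {name}")
    raise SystemExit(1 if results else 0)
```

Running it before and after an update, a restore or a migration shows which step changed the permissions.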