[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] fun with /usr/lib/authenticate

Subject: Re: [cobalt-security] fun with /usr/lib/authenticate
From: "Jonathan Michaelson" <michaelsonjd@xxxxxxxxxxx>
Date: Fri, 23 Aug 2002 19:11:21 +0100
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Hello Graeme,

> > Tried the exploit on an up to date RaQ4 and the exploit
> > did not work. It was able to do everything except the
> > most important bit which was to get a CRON job to run
> > to allow root access. Maybe the exploit is crippled?
>
> In the best tradition of public full disclosure, indeed it is. You need a
smattering of shell scripting knowledge to work out where the fault is. And
if you read your email after running the script, it's made extremely clear
;-)

Got it - it works nicely now.

> BTW I ran it on a patched right-up-to-the-one-before-the-SHP debacle RaQ4,
and it worked right-out-the-box. I have, however, long since ceased to be
surprised by these things. In my experience, if you have interactive shell
access as any user, you have root already.
>
> Lesson to be learned here is: don't give users shell access, unless you
absolutely trust them.

I couldn't agree more.

--
Regards,
Jonathan Michaelson
Commercial CGI Scripting, Web Hosting
Web-based Email, Homepage Creation and Live Help products
http://www.webumake.com

References:
- RE: [cobalt-security] fun with /usr/lib/authenticate
  - From: Graeme Fowler

Prev by Date: Re: [cobalt-security] fun with /usr/lib/authenticate
Next by Date: [cobalt-security] (no subject)
Previous by thread: Re: [cobalt-security] fun with /usr/lib/authenticate
Next by thread: [cobalt-security] Re: help (Mark Weale)

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index