Path: utzoo!attcan!uunet!wuarchive!zaphod.mps.ohio-state.edu!samsung!rex!uflorida!haven!udel!princeton!cs!samadams!tr
From: tr@samadams.princeton.edu (Tom Reingold)
Newsgroups: alt.hackers
Subject: Re: Execute only files on Novell
Message-ID: <224@rossignol.Princeton.EDU>
Date: 7 Jun 90 23:34:47 GMT
References: <445@ria.ccs.uwo.ca>
Sender: news@cs.Princeton.EDU
Organization: Princeton University, NJ
Lines: 36
Approved: me (him)

In article <445@ria.ccs.uwo.ca> pruss@ria.ccs.uwo.ca (? pruss) writes:

$ The Execute-Only attribute in Novell netware seems to be rather
$ poorly implemented. While much care is put into making certain
$ that the attribute is permanent and cannot be revoked by any user
$ (not even supervisor), with a little care and ingenuity any
$ JoeHacker-User with execute privileges to that file can copy it.
$
$ In fact I have even been able to write a program that makes it possible
$ for any user to run it and subsequently copy ANY exec-only file.
$
$ Please note I have distributed neither my program nor specific data
$ on how this is done.
$
$ The cause of this security gap seems to be the fact that for exec-only
$ files the server queries the workstation whether it is executing
$ the program and thus is allowed to read it, or whether it is just reading it.
$ The workstation can, of course, lie...
$
$ I am wondering whether anyone has hacked netware to make exec-only
$ more secure?

This is probably a "hard" problem to solve. There is no notion of
network security, only security on machines. So once a message gets to
the network, it is assumed to be authoritative. I have read that the
same problem exists in NFS.

Superuser must have read access to a file in order to load it into
memory, at least in theory. So to execute a file, you have to "copy"
it into memory. If Superuser on a machine can read it, how are you
going to prevent Joe User from having less access than Superuser if the
authentication is done on the network?
--
Tom Reingold
tr@samadams.princeton.edu
rutgers!princeton!samadams!tr
201-560-6082