Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!samsung!xylogics!bu.edu!Shiva.COM!phil From: phil@Shiva.COM (Phil Budne) Newsgroups: comp.protocols.appletalk Subject: Re: aufs security warning/fix Message-ID: <1990Sep25.040905.4435@Shiva.COM> Date: 25 Sep 90 04:09:05 GMT Organization: Shiva Corporation, Cambridge Ma, USA Lines: 53 From: moyman@orchestra.ecn.purdue.edu (James M Moya) Subject: aufs security warning/fix Message-ID: <1990Sep7.223126.13757@Shiva.COM> Much to my dismay, if you have any UNIX accounts with nothing in the /etc/passwd "password" field, you can "connect" to that account through aufs (just use the login of that account in the chooser when "aufs connecting", and hit return) voila! full access!! ...This can cause potential (let your imagination run here) damage. Here is a quick aufs fix I put in that should do the job... Hmm... and I always thought it was a feature! (or a bug in your passwd file). My vote is to check the shell; >> case UAM_CLEAR: >> if (!apasswdfile) { >> p = (struct passwd *) getpwnam(nam); /* user name */ >> if (p == NILPWD) { >> log("Login: Unknown user %s",nam); >> return(aeParamErr); /* unknown user */ >> } if (p->pw_passwd == NULL || p->pw_passwd[0] == '\0' ) { char *sp; int found; found = 0; if( p->pw_shell != NULL ) { setusershell(); while( !found && (sp = getusershell()) != NULL ) if( strcmp( p->pw_shell, sp ) == 0 ) found = 1; } endusershell(); if( !found ) { log("Unauthorized access: bad shell %s", p->pw_shell); return(aeUserNotAuth); } /* not found */ } /* no password */ For the un-4.3-ized; getusershell() returns the lines of the file /etc/shells. If /etc/shells does not existq it returns "/bin/sh" and "/bin/csh" ............o Philip Budne . o---+----o Shiva Corporation . o | 1 Cambridge Center Internet: phil@Shiva.COM . Shiva | Cambridge, Ma 02142 . | Tel (617) 864-8500 (formerly budd@bu-it.bu.edu) . o---o Fax (617) 252-6852