Path: utzoo!attcan!uunet!europa.asd.contel.com!noc.sura.net!haven!decuac!hussar.dco.dec.com!mjr
From: mjr@hussar.dco.dec.com (Marcus J. Ranum)
Newsgroups: comp.unix.ultrix
Subject: Re: su bug in Ultrix 4.1 still there
Message-ID: <1990Dec11.045743.27648@decuac.dec.com>
Date: 11 Dec 90 04:57:43 GMT
References:
Distribution: comp
Organization: Digital Equipment Corp., Washington Ultrix Resource Center
Lines: 27

rusty@belch.Berkeley.EDU (Rusty Wright) writes:
>I just upgraded my DECstation 5000 to Ultrix 4.1 and the su bug from
>Ultrix 4.0 is still there. For those of you who missed my tirade when
>I upgraded to Ultrix 4.0, here's a synopsis of the problem.
>
>If your security level is set to ENHANCED you can't use the su command
>unless the tty line you're on is marked secure in /etc/ttys.[...]
>But on a workstation running windows you'll almost always be on a tty
>that's a pseudo tty[...]

I see the idea of 'su' and ENHANCED security as mutually exclusive,
to tell you the truth. If you are running under ENHANCED mode, you
should be serious enough about security not to want anyone rooting
around on the machine as "root" unless they log in as "root" on a
secure tty (in this case, *the* secure tty).

I mean, if you want to be able to 'su' to "root" on an unsecure
terminal, the code is trivial to write - a setuid "root" program that
checks "root"'s password, then execs a shell. But, then, you've
bypassed your security, and you may as well not run ENHANCED.

I'm not convinced what you've got is a bug. It may be a feature. :)

mjr.
--
I'd trade all the CASE tools in the world for one real programmer.
[From the programming notebooks of a heretic, 1990]
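
Added example, not part of the original post and not Ultrix source: a C model of the check the thread describes, deciding whether a tty is marked secure in ttys-format text and therefore whether su to root would be permitted under ENHANCED. The 4.3BSD-style ttys(5) field layout, the sample entries, and the names tty_is_secure and su_root_allowed are assumptions.

```c
#include <string.h>

/* Constructed sample in 4.3BSD-style ttys(5) layout (an assumption):
 * name  command  type  flags...   with '#' starting a comment. */
static const char SAMPLE_TTYS[] =
    "console \"/etc/getty std.9600\" vt100   on secure\n"
    "tty00   \"/etc/getty std.9600\" vt100   on   # not secure\n"
    "ttyp0   none                  network off  # secure? no\n";

/* 1 = listed with the "secure" flag, 0 = listed without it, -1 = not listed. */
int tty_is_secure(const char *ttys, const char *tty)
{
    char line[256];
    while (*ttys) {
        size_t n = strcspn(ttys, "\n");
        size_t len = n < sizeof line - 1 ? n : sizeof line - 1;
        memcpy(line, ttys, len);
        line[len] = '\0';
        ttys += n + (ttys[n] == '\n');
        int inq = 0;                 /* cut the comment, ignoring '#' in quotes */
        for (char *c = line; *c; c++) {
            if (*c == '"') inq = !inq;
            else if (*c == '#' && !inq) { *c = '\0'; break; }
        }
        char *p = line + strspn(line, " \t");
        size_t w = strcspn(p, " \t");
        if (w == 0 || w != strlen(tty) || strncmp(p, tty, w) != 0)
            continue;                /* blank line or a different tty */
        int field = 0, secure = 0;   /* field 0 = command, 1 = type, 2+ = flags */
        for (p += w; *(p += strspn(p, " \t")); field++) {
            if (*p == '"') {         /* quoted command may contain spaces */
                char *q = strchr(p + 1, '"');
                if (!q) break;       /* unterminated quote: stay not-secure */
                p = q + 1;
                continue;
            }
            w = strcspn(p, " \t");
            if (field >= 2 && w == 6 && strncmp(p, "secure", 6) == 0) secure = 1;
            p += w;
        }
        return secure;
    }
    return -1;
}

/* Model of the rule in the post: under ENHANCED, su to root needs a secure tty. */
int su_root_allowed(int enhanced, const char *ttys, const char *tty)
{
    return !enhanced || tty_is_secure(ttys, tty) == 1;
}
```

The pseudo tty entry fails the check even though the word "secure" appears in its comment, which is the situation the quoted complaint runs into on a windowing workstation.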