Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!uunet!shelby!agate!ucbvax!apo.esiee.fr!bonnetf
From: bonnetf@apo.esiee.fr (bonnet-franck)
Newsgroups: comp.sys.apollo
Subject: security and display_manager
Message-ID: <9102061655.AA04063@apo.esiee.fr>
Date: 6 Feb 91 16:55:24 GMT
Sender: daemon@ucbvax.BERKELEY.EDU
Organization: The Internet
Lines: 39

OUCH ! look at this :

$ lusr -allp -n f2dd
 //tpc6
    root.i1.none.F2DD.login         display_manager
    root.wheel.none.F2DD            init
    blondp.i1.none.F2DD             pad05
    blondp.i1.none.F2DD             pad04
    blondp.i1.none.F2DD             uid = 4FA68447.4000F2DD (desk)
    blondp.i1.none.F2DD             uid = 4FA68446.2000F2DD (clock)
    blondp.i1.none.F2DD             alarm_server
    blondp.i1.none.F2DD             pad01
    user.server.none.F2DD           mbx_helper
    root.server.none.F2DD           netman
    user.server.none.F2DD           server_process_manager
    root.wheel.none.F2DD            tcpd


What does it mean ? what a (bad) surprise , This user is root !!!

This is another security problem with the display_manager ...

This happened on a 10.1 machine  (DN 3000 diskless if it could help)
and it happen sometimes on this kind of machine.

Is it a workaroud , if yes , what is it ?

I precise that I cannot upgrade these machine to 10.3 because we
are running MENTOR GRAPHICS and we must stay on 10.1 ...

HELP !!!

-------------------------------------------------------------------------------|
bonnetf@apo.esiee.fr                     |                                     |
Frank Bonnet                             | Surfing ...                         |
E.S.I.E.E                                |                                     |
BP99 93162 Noisy le Grand cedex.FRANCE.  | the rest is details !               |
Fax   : 33 1 45 92 66 99                 |                                     |
-------------------------------------------------------------------------------|