Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!uunet!pcserver2!kdenning
From: kdenning@pcserver2.naitc.com (Karl Denninger)
Newsgroups: comp.unix.admin
Subject: Re: Security in SunOS
Summary: Sparcstation can be protected
Keywords: security
Message-ID: <1991Feb20.155250.18960@pcserver2.naitc.com>
Date: 20 Feb 91 15:52:50 GMT
References: <784@jt.dk>
Organization: AC Nielsen, Bannockburn IL USA
Lines: 28

In article <784@jt.dk> erl@jt.dk (Erik B. Larsen) writes:
>
>I've noticed a security-hole in SunOS (maybe).
>If you have a diskless workstation mounted on a server, and they are running
>NIS, then of course you only have one entry for root (on the server).
>
>Now - everyone can boot a workstation up in single-user, and if you just know
>a little bit of Unix, then it's easy to make a user called root or something
>else in the client's /etc/passwd.
>
>Then you can boot up in multiuser, and you've free access on the server to
>delete everything!

You are correct. If you can boot single user, and/or get root, you can then
su to anyone else and do what you will.

However, you can prevent booting single-user. See "security-mode" in the
PROM command screen for details. Basically it's a second password you have
to know in order to do anything other than boot multiuser from the default
drive/server.

--
Karl Denninger - AC Nielsen, Bannockburn IL (708) 317-3285
kdenning@nis.naitc.com
"The most dangerous command on any computer is the carriage return."
Disclaimer: The opinions here are solely mine and may or may not reflect
those of the company.