Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!usc!zaphod.mps.ohio-state.edu!mips!daver!tscs!tct!chip
From: chip@tct.uucp (Chip Salzenberg)
Newsgroups: comp.unix.sysv386
Subject: SCO makes C2 less obtrusive, for free! Film at 11.
Message-ID: <27C2B073.352C@tct.uucp>
Date: 20 Feb 91 17:22:58 GMT
Organization: Teltronics/TCT, Sarasota, FL
Lines: 203

According to david@talgras.UUCP (David Hoopes):
>I hate C2. I hate it a lot.

Then RUN, do not walk, to your nearest UUCP-capable UNIX computer, and pick
up from SCO the free support level supplement "unx257", entitled "UNIX
Security Supplement." It actually makes C2 security endurable until that
long-awaited day when we can all "rm -rf /tcb /etc/auth" with maniacal grins
reflecting from our publicly visible monitors. :-)

Among the high points:

  - any user can su(C) to any other user!
  - su(C) sets the login id!
  - at(C) and crontab(C) don't complain if the real and login ids don't match!
  - various commands make administration-without-sysadmsh easier.

And in other cool developments unrelated to C2:

  - su(C) and login(C) set the supplemental group vector, so you can belong
    to up to sixteen groups at once!
  - login(C) no longer leaves the terminal database locked once in a while.
  - su(C) preserves the umask.

Judging by one day of use, SCO really did a good job on this update.
Bravo, ladies and gentlemen, bravo.
First, here's the info on connecting to SCO's machine "sosco":

vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
UUCP Connection information:

    Machine name:   sosco
    Phone numbers:  (408) 425-3502  (2 lines, 300-9600 baud V.32 standard)
                    (408) 429-1786  (9600 baud Telebit)
    Login name:     uusls  (fourth character is the letter "l" rather than
                            numeral "1")
    No password
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

After setting up UUCP to sosco, pick up three files using commands like these:

    uucp sosco\!~/SLS/info        /some/local/dir/sosco-info
    uucp sosco\!~/SLS/unx257.ltr  /some/local/dir/unx257.ltr
    uucp sosco\!~/SLS/unx257      /some/local/dir/unx257

The "info" file contains the connection info above, as well as miscellaneous
instructions. The "unx257.ltr" file is the update cover letter; it will
explain the installation procedure and the features and bug fixes you get
when you install the update. The "unx257" file is the image of the update
floppy. BE SURE TO READ THE COVER LETTER IN ITS ENTIRETY.

For those who wonder if it's really worth the trouble -- it is! -- here is
the full feature list, excerpted from the cover letter.

vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
SLS unx257 includes the following features:

  - Enhanced crash recovery, including modifications to tcbck(ADM).
  - Command-line utilities, rmuser(ADM) and unretire(ADM), for removing,
    retiring and unretiring users.
  - The utility passwdupd(ADM), to create a user who was added to the
    /etc/passwd file manually.
  - A hushlogin feature in login(M) for suppressing copyright and other
    messages during a login.
  - A new authck(ADM) -y flag that silently corrects any errors in the
    subsystem database.
  - The utility fixmog(ADM), to change the permissions of all files to
    match their entries in the File Control database.
  - The utility cps(ADM), for setting the permissions of individual files
    to match their entries in the File Control database.
  - A locking utility, ale(ADM), that enables administrators to write
    scripts that update the Authentication database.
  - The utility ttyupd(ADM), that updates the Terminal Control database to
    match /etc/inittab.
  - The utility asroot(ADM), that allows an authorized user to run a
    defined set of commands as superuser without the root password.
  - New semantics of PASSLENGTH in /etc/default/passwd that represent the
    absolute minimum password length to be enforced by passwd(C).
  - Modifications to su(C)
    - Instead of allowing a user to su to root only, users can su to any
      account if they have the account password.
    - The system can be configured to a C1 level of security so that su
      transitions also transfer the authorizations of the account.

(III) Other Improvements and Additions

SLS unx257 also includes the following improvements and additions.

Note: Unless otherwise stated, the problems described below are present in
all the software environments specified earlier.

addxusers(ADM)
  - Now handles a relative pathname for the name of the input file.
  - Allows the passwords of newly added accounts to be changed if they did
    not have aging information.

authck(ADM)
  - Increased robustness to repair additional errors in the subsystem
    database files.

lpadmin(ADM)
  - Creates /usr/spool/lp/admins/lp/printer/ with the correct permissions of
    770, owner=lp, group=lp (previous versions of lpadmin created these
    directories with various incorrect permissions).
  - Can now be used by a user with the lp authorization. (This problem is
    not present in SCO UNIX System V/386 Release 3.2 Operating System
    Version 2.0.)

lpfilter(ADM) & lpforms(ADM)
  - Can now be used by a user with the lp authorization. (This problem is
    not present in SCO UNIX System V/386 Release 3.2 Operating System
    Version 2.0.)

sulogin(ADM)
  - The LUID is now set under all circumstances.
  - The gid is set to root's group as specified in /etc/passwd.
sysadmsh(ADM)
  - The useshell helper program used by sysadmsh now displays descriptive
    error messages.

at(C)
  - No longer displays error messages when used from an su session.

chmod(C)
  - Displays more accurate error messages.
  - Error checking done consistently across all combinations of command
    line arguments.

crontab(C)
  - No longer displays error messages when used from an su session.
  - No longer core dumps when an account name for the -u flag is longer
    than 5 characters.
  - When the -u and -r flags are used to remove an account's crontab file,
    the cron jobs for that account are immediately stopped. (This problem
    is only present in SCO UNIX System V/386 Release 3.2 Operating System
    Version 2.0.)
  - The File Control database is used to obtain the correct permissions of
    crontab files rather than using hardcoded values.

login(C)
  - Does not produce the 'cannot access Terminal Control database' message
    when a large number of concurrent logins take place.
  - The override shell spawned in emergencies now has its LUID set.
  - All combinations of null passwords and PASSREQ work as documented.
  - Use of an invalid username is now audited as .

passwd(C)
  - Lockfiles are no longer left behind when setting a dial-up password.

su(C)
  - No longer makes two entries in the sulog file each time it is used.

umask(C) preservation
  - auths(C), su(C), newgrp(C), and at(C) now use the current value of the
    user's umask rather than setting it to 077.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-- 
Chip Salzenberg at Teltronics/TCT ,
"It's not a security hole, it's a SECURITY ABYSS." -- Christoph Splittgerber
(with reference to the upage bug in Interactive UNIX and Everex ESIX)
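The idea behind cps(ADM) and fixmog(ADM) in the feature list above, auditing and repairing file permissions against a stored record, generalizes to any system: keep a manifest of the expected mode and owner of sensitive files, compare it to what is actually on disk, and repair drift. The POSIX shell script below is an added example written for this post, not SCO's tools and not the File Control database format; the manifest layout (`mode uid gid path`), the sample files it builds, and its reliance on GNU `stat -c` are all assumptions.

```shell
#!/bin/sh
# Added example, not SCO's cps(ADM)/fixmog(ADM). Manifest lines (assumed format):
#   <mode-octal> <uid> <gid> <path>
# Requires GNU stat (-c) for the octal mode and numeric owner/group.

# check_manifest MANIFEST: print one line per file whose mode, uid or gid
# differs from the manifest (or which is missing). Returns the mismatch count,
# so 0 means every entry matches, the cps-style audit.
check_manifest() {
    manifest=$1
    bad=0
    while read -r want_mode want_uid want_gid path; do
        case $want_mode in ''|'#'*) continue ;; esac   # blank or comment line
        if [ ! -e "$path" ]; then
            echo "MISSING  $path"
            bad=$((bad + 1))
            continue
        fi
        have=$(stat -c '%a %u %g' "$path")
        if [ "$have" != "$want_mode $want_uid $want_gid" ]; then
            echo "MISMATCH $path: want [$want_mode $want_uid $want_gid] have [$have]"
            bad=$((bad + 1))
        fi
    done < "$manifest"
    return "$bad"
}

# fix_manifest MANIFEST: fixmog-style repair of the mode only (chown needs
# root and is deliberately left out here). Returns the number of files changed.
fix_manifest() {
    manifest=$1
    fixed=0
    while read -r want_mode want_uid want_gid path; do
        case $want_mode in ''|'#'*) continue ;; esac
        [ -e "$path" ] || continue
        if [ "$(stat -c '%a' "$path")" != "$want_mode" ]; then
            chmod "$want_mode" "$path" && fixed=$((fixed + 1))
        fi
    done < "$manifest"
    return "$fixed"
}

# build_demo DIR: constructed sample data. Creates two files, one of them
# world-writable in violation of its manifest entry, and prints the manifest path.
build_demo() {
    dir=$1
    mkdir -p "$dir"
    printf 'secret\n' > "$dir/auth.db"
    printf 'hello\n'  > "$dir/motd"
    chmod 600 "$dir/auth.db"
    chmod 666 "$dir/motd"            # wrong on purpose: manifest says 644
    me=$(id -u); grp=$(id -g)
    cat > "$dir/manifest" <<EOF
# mode uid gid path
600 $me $grp $dir/auth.db
644 $me $grp $dir/motd
EOF
    echo "$dir/manifest"
}

# Stand-alone run: audit, repair, audit again.
demo_dir=$(mktemp -d)
demo_manifest=$(build_demo "$demo_dir")
check_manifest "$demo_manifest" || echo "$? problem(s) found"
fix_manifest  "$demo_manifest" || echo "$? file(s) repaired"
check_manifest "$demo_manifest" && echo "tree now matches manifest"
rm -rf "$demo_dir"
```

Run it as `sh check_perms.sh`: the first audit reports the world-writable `motd`, the repair sets it back to 644, and the second audit is clean. Keeping the manifest on read-only media or under a separate owner is what makes this kind of check worth trusting; a manifest the same account can edit proves little.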