Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!uunet!wang!fitz
From: fitz@wang.com (Tom Fitzgerald)
Newsgroups: comp.unix.sysv386
Subject: "asroot" command (was: Enchancements to SCO UNIX C2 Security)
Keywords: unx257 c2 sco unix
Message-ID: <b1ii3e.4n3@wang.com>
Date: 27 Feb 91 16:06:49 GMT
References: <27B93F44.5606@tct.uucp> <1013@tuura.UUCP> <43@talgras.UUCP> <14791@scorn.sco.COM>
Organization: Wang Labs, Lowell MA, USA
Lines: 22

paulz@sco.COM (W. Paul Zola) writes:
> The supplement name is "The SCO UNIX System V/386 Release 3.2 Security
> Supplement", and the SLS number is unx257.  This SLS is availible 
> for anonymous UUCP via sosco, and through the usual support channels.

[...]

>   The utility, asroot(ADM) that allows an authorized user to run a defined 
>   set of commands as superuser without the root password. 

One warning to people who install this thing - commands like "asroot" (and
"sudo", a PD version of the same thing) are substantial security holes.
Personally I've had great luck penetrating root on any system where these
tools are installed.  Not because they're holes themselves, but because
user accounts are usually much easier to break into than the root account,
and these tools give you a free ride from the user's account into root.

"rm asroot" is strongly recommended.

---
Tom Fitzgerald   Wang Labs        fitz@wang.com
1-508-967-5278   Lowell MA, USA   ...!uunet!wang!fitz