Xref: utzoo comp.unix.admin:1572 comp.unix.wizards:24814 comp.unix.internals:2525
Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!swrinde!mips!sdd.hp.com!uakari.primate.wisc.edu!ames!uhccux!munnari.oz.au!brolga!bunyip.cc.uq.oz.au!lance!kirk!bambi
From: bambi@kirk.nmg.bu.oz.au (David J. Hughes)
Newsgroups: comp.unix.admin,comp.unix.wizards,comp.unix.internals
Subject: Re: SECURITY Concerns for Unix systems
Message-ID: <2952@kirk.nmg.bu.oz.au>
Date: 12 Apr 91 00:08:22 GMT
References: <16313@reed.UUCP>
Organization: Communications Development & Operation, Bond Uni, Australia
Lines: 18

From article <16313@reed.UUCP>, by bob@reed.UUCP (Bob Ankeney):
>      Speaking of permissions, I've noticed a number of Unix systems with mode
> 777 on the root directory!  This is an easy in for anyone wanting super-user
> access.  I've noticed this on both AT&T and NCR unix boxes.

I have also seen this on Sun's running pre 4.x SunOS.  There may be a
Sun in a back room somewhere that is a host for anyone wanting root
access.


David
+----------------------------------------------------------------------------+
| David J. Hughes   (AKA bambi)	 |   bambi@kirk.bu.oz.au                     |
| Senior Systems Programmer	 |   bambi@kirk.bu.oz.au@uunet.uu.net        |
| Comms Development & Operations |   ..!uunet!munnari!kirk.bu.oz.au!bambi    |
| Bond University, Gold Coast    |   Phone : +61 75 951450                   |
| Queensland,  Australia  4229   |   Fax :   +61 75 951456                   |
+----------------------------------------------------------------------------+