Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!chinacat!sequoia!rpp386!jfh From: jfh@rpp386.cactus.org (John F Haugh II) Newsgroups: comp.unix.wizards Subject: Re: tty security problems under SunOS 4.1 and SunOS 4.1.1 Message-ID: <19283@rpp386.cactus.org> Date: 16 May 91 15:21:32 GMT References: <25239:May1416:21:3591@kramden.acf.nyu.edu> <16155@smoke.brl.mil> <7491:May1502:05:3291@kramden.acf.nyu.edu> Reply-To: jfh@rpp386.cactus.org (John F Haugh II) Organization: Lone Star Cat Emporium and BBQ Grill Lines: 63 X-Clever-Slogan: Help Prevent Robbery. Tax the IRS. In article <7491:May1502:05:3291@kramden.acf.nyu.edu> brnstnd@kramden.acf.nyu.edu (Dan Bernstein) writes: >In article <16155@smoke.brl.mil> gwyn@smoke.brl.mil (Doug Gwyn) writes: >> In article <25239:May1416:21:3591@kramden.acf.nyu.edu> brnstnd@kramden.acf.nyu.edu (Dan Bernstein) writes: >> >In the long term: SunOS is still insecure, and a sufficiently dedicated >> >cracker can and will be able to get past tty security no matter how many >> >other holes you close. It is inexcusable for Sun to leave this open. >> Why? Has Sun made any promises about absolute security of SunOS? >> For example, are they claiming B2 certification for it? > >Well, they do have an option which, they claim, provides C2 security. >But I was thinking more on ethical grounds. I understand that Sun does have a Federal Systems Division, or whatever they call their spook work, and supposedly are in evaluation, or done or whatnot on a trusted system. I've always assumed that when Dan complains about security holes in alt.security that at the very least he is referring to a system that pretends to be secure. Complaining about security on a system that makes no claims is like complaining that MS-DOS lets anyone reformat the C: drive - it makes you feel real good, but then no one said you couldn't just reformat the disk in the first place. >> I've always had the impression that UNIX was intended for resource >> sharing much more than for resource hiding, and that the security >> mechanisms were meant to prevent accidental problems, not dedicated >> attacks. > >Perhaps you didn't notice the complaint just a few weeks back about how >somebody was getting output from someone else's background process under >SunOS 4.0. That sounds like a problem to me. And the commercial world >(not to mention universities) has to pay attention to dedicated attacks. I have to agree with Dan on this one. UNIX is less and less an OS for "resource sharing" and one for getting "real work" done. This may not be pleasing to the old-time UNIX users (I can't stand SVR* for example), but selling UNIX to the commercial masses does pay the rent. There is something particularly refreshing about seeing AIX run on a 3090/600-J with all that vector stuff and 100GB of spinning storage - it just makes my skin crawl. >> I guarantee that there are other security problems on most versions >> of UNIX besides the one you've been carrying on about. What makes >> that one problem so much more significant than the others? > >The bugs I've pointed out are on practically every BSD-derived UNIX >system, meaning practically every UNIX machine on the Internet. The >smaller set of bugs pointed out by Bellovin are on AT&T-derived UNIX >systems too. Very few such dangerous holes have survived so long on so >many machines. Nonsense. There are still vendors that insist on shipping machines with setuid shell scripts. I'll admit your problem is serious, but not the one true serious security hole in the system. NFS is by far the biggest hole on the planet - I regularly use it to become root on test systems that I've forgotten the root password to. And the worst part is that it lets you creep about so nicely in a warm, friendly, trusting environment. Kinda like the stomach flu, only worse. -- John F. Haugh II | Distribution to | UUCP: ...!cs.utexas.edu!rpp386!jfh Ma Bell: (512) 255-8251 | GEnie PROHIBITED :-) | Domain: jfh@rpp386.cactus.org "If liberals interpreted the 2nd Amendment the same way they interpret the rest of the Constitution, gun ownership would be mandatory."