Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!zaphod.mps.ohio-state.edu!samsung!uunet!hfsi!frank
From: frank@hfsi.UUCP (Frank McPherson)
Newsgroups: comp.unix.amiga
Subject: Re: interesting feature on AMIX..
Keywords: unix security, amix security, setuid
Message-ID: <431@hfsi.UUCP>
Date: 23 Jun 91 15:07:36 GMT
References: <13706@mentor.cc.purdue.edu> <1991Jun19.204906.19339@dvorak.amd.com> <426@hfsi.UUCP> <1991Jun21.201119.722@ckctpa.UUCP>
Reply-To: frank@hfsi.UUCP (Frank McPherson)
Organization: HFS Inc., McLean VA.
Lines: 20

In article <1991Jun21.201119.722@ckctpa.UUCP> crash@ckctpa.UUCP (Frank J. Edwards) writes:
>Suppose I make a floppy on my machine and put a copy of ksh on it.  Then
>I make that ksh set-uid to root and mount it on your system.  I execute
>that ksh and viola! I get the "#" prompt...
>
Would you have to meddle around with the KSH to make it set-uid to root?
My point here is, if you started up a ksh, even if from your own file
system, shoudn't it disallow you to setuid to root?  If not, that is a 
pretty serious security hole in the way we're doing things.  I'm not 
sure that it really MATTERS, because the machines aren't incredibly
important anyway, and there aren't any overwhelming reasons for someone
to want root access on one of them, other than just saying they did it.

>Actually, the solution presented by Steve Warren is much sturdier:  the
>same script would search the inodes looking for set-uid programs.  If
>any were found, the disk would not be mounted.
>
That makes good sense.  

-- Frank McPherson                  INTERNET: emcphers@manu.cs.vt.edu --