Path: utzoo!utgpu!water!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!mailrus!ncar!oddjob!uxc!uxc.cso.uiuc.edu!kailand!pwolfe From: pwolfe@kailand.KAI.COM Newsgroups: comp.sys.sequent Subject: Re: Security hole in dynix Message-ID: <2400014@kailand> Date: 5 Aug 88 12:57:00 GMT References: <4185@oxtrap.UUCP> Lines: 56 Nf-ID: #R:oxtrap.UUCP:4185:kailand:2400014:000:3012 Nf-From: kailand.KAI.COM!pwolfe Aug 5 07:57:00 1988 Sounds like you're using the "screen" program. At least, that how I found this problem. It's not the maximum number of ptys that is causing the crash, it's the fact that screen adds entries for new windows to the /etc/utmp file. Sequent's /etc/login program counts entries in utmp to determine how many people are logged in, and if more entries exist than are allowed by the limited user license, the system shuts down with the message "illegal user limit", making root available on the console. I sent a mailbug on this a long time ago, but Sequent responded that they had no plans to fix this problem. It's very annoying, because the "w" and "uptime" commands actually report the correct number of logins, but rwho and the guy that is most important, /etc/login don't. I've modified screen some more (more than exists in the netlib archives), so that it is possible to define what your user limit is at compile time, and let screen count logins the way login does, preventing too many entries from getting into /etc/utmp. You can also define whether new windows are supposed to be "logged in" or not. I've also added commands to let you log any window in or out at will. Send email if you're interested in the latest version. As far as I can see, a subset of my modifications to the screen program could let people remove their own entries from the /etc/utmp file at will. While this is, I'm sure, a violation of your DYNIX license, the capability of any site to bypass the limited license will hopefully provide Sequent with enought incentive to teach /etc/login a better method of counting. About security for single user mode, I've seen it mentioned (but never tested it) by workstation network managers that placing "/etc/login" in /.profile makes a person login to use single user mode. If the login times out, multi-user mode is brought up again. Again, I've not tried this, and have no reason to. The best security against superuser usage by unauthorized persons is to place your computer and console in a locked room, have only the console listed in /etc/securetty (so root can only login at the console), don't put anyone but root in the group named "root" in /etc/group (so no one can use "su" to become root), and don't write down or inform others about the root password. Oh yes, don't use setuid/setgid Bourne or C shell scripts. At least Sequent provides a key lock on the front panel, so you can prevent unauthorized persons from unsetting "auto(boot)" and pressing "reset". We have a computer system from another manufacturer that only has a toggle on/off switch, with no "secure" position. Any passer by can accidentally lean on the machine and crash it. I'd mention their name, but they can't take criticism, and will call my boss to complain (again). Patrick Wolfe (pwolfe@kai.com, kailand!pwolfe) System Manager, Kuck and Associates, Inc. Disclaimer: Any and all opinions mentioned here are MINE, not my employers. Please don't call my boss to complain (again).