Path: utzoo!utgpu!water!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!mailrus!caen.engin.umich.edu!falken
From: falken@caen.engin.umich.edu (David R  Falkenburg)
Newsgroups: comp.unix.aux
Subject: Re: Security on A/UX
Summary: What about using chmod form sash
Message-ID: <3ef0c920.1285f@maize.engin.umich.edu>
Date: 8 Oct 88 21:13:00 GMT
References: <3242@emory.uucp>
Organization: U of M Engineering, Ann Arbor, Mich.
Lines: 15

Forget about worrying about students with suid programs on floppy.
The porblem is that anyone who can access snarf (i.e. pirate)
a copy of sash, along with chmod & cp commands can make their
own root shells by simply reseting their machine, inserting their own
sash floppy & hacking away in the traditional "make a root shell
procedure"   there aren't even any footprints left in wtmp, utmp, lastlog
etc. to see who might have done these things...

sash is nice for PERSONAL AU/X workstations but HELLISH for administrators
of public labs with A/UX macintoshes..

-dave
-- 
Dave Falkenburg @ University of Michigan Computer Aided Engineering Network
Internet: falken@caen.engin.umich.edu       UUCP: umix!caen.engin.umich.edu