Path: utzoo!utgpu!water!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!rutgers!apple!bionet!agate!ucbvax!hplabs!hp-sdd!ncr-sd!serene!rfarris
From: rfarris@serene.CTS.COM (Rick Farris)
Newsgroups: news.sysadmin
Subject: Re: Security checkup
Summary: How *do* you protect the root crontab?
Keywords: security intruder self-help
Message-ID: <266@serene.CTS.COM>
Date: 4 Oct 88 02:54:29 GMT
References: <167@carpet.WLK.COM>
Reply-To: rfarris@serene.cts.com (Rick Farris)
Distribution: na
Organization: Serenity Systems,  Del Mar, Ca.
Lines: 21

In article <167@carpet.WLK.COM> bill@carpet.WLK.COM (Bill Kennedy) writes:
>One of my neighbor sites was recently vandalized by an electronic
>intruder.  

>On my system, for example, I did not have my root crontab restricted
>enough and that's how the intruder got root privileges.
>Bill Kennedy  Internet:  bill@ssbn.WLK.COM

Darn!  That's clever.  I'll bet they did a crontab -l to a file they could
write, and then put a command in to copy L.sys to a file they would own, eh?
Awesome.  How does one deal with this?

I'd also like to pick up some more security tips.  I would like to allow more
shell accounts on my system, but I'm worried about security. 

I understand the concern for security, is there a mailing list or something
where we could discuss these issues?

Rick Farris            rfarris@serene.cts.com     voice         (619) 259-6793
POB M                          KCBIW              public access       259-7757
Del Mar CA 92014      ...!uunet!serene!rfarris    serene.uucp         259-3704