Path: utzoo!utgpu!watmath!watdragon!trillium!hjespersen
From: hjespersen@trillium.waterloo.edu (Hans Jespersen)
Newsgroups: unix-pc.general
Subject: Re: security
Message-ID: <14290@watdragon.waterloo.edu>
Date: 5 Jun 89 15:43:16 GMT
References: <19071@cup.portal.com> <14373@bfmny0.UUCP> <1526@sialis.mn.org> <1528@sialis.mn.org> <14270@watdragon.waterloo.edu> <537@uncle.UUCP>
Sender: daemon@watdragon.waterloo.edu
Reply-To: hjespersen@trillium.waterloo.edu (Hans Jespersen)
Organization: U. of Waterloo, Ontario
Lines: 20

In article <537@uncle.UUCP> jbm@uncle.UUCP (John B. Milton) writes:

[root being 777 is a big security hole]
 
>One of several hundred different ways around security on the UNIXpc. To tighten
>security you have to start off by removing ua and smgr from the system, then
>you have a chance of getting the UNIXpc security to approach that of most other
>SYSV boxes

True, but many of the UNIXpc security holes are specific to the UNIXpc.
It requires a good level of knowledge to exploit them. Not that they
are hard, but most users would require some time to find them due to
an unfamiliarity with the machine. On the other hand, having a root 
directory that is 777 is asking to be broken an would be a standard 
thing to check for on ANY Unix box.

-- 
Hans Jespersen
hjespersen@trillium.waterloo.edu
uunet!watmath!trillium!hjespersen