Aucbvax.5296 net.2bsd-bugs utzoo!decvax!ucbvax!purdue!cak Tue Nov 24 01:08:32 1981 berknet security hole We have recently finished putting berknet up between 6 machines on campus (with plans to add many more), and have discovered what we consider to be a gaping security hole, namely the -y flag on the net command. Via this flag, a super-user can become anyone on the remote machine, and grab any file he/she wishes. Maybe this isn't a problem for you (though it would surprise me if it was not), but a number of people here have already grumbled about it. Can you explain why this has to be there, and how it might be disabled? We also found that anyone could execute sendberkmail directly with the -f flag, thus masquerading at will as anyone. This was fixed by adding the code from delivermail and/or v6mail that did the checking to allow only root, network, and uucp to invoke -f. We have disabled all commands for root (except mwrite) to close the most obvious path for cross-machine super-users, but the -y option is not so easy to close up. Chris Kent, Purdue University CS Dept. ----------------------------------------------------------------- gopher://quux.org/ conversion by John Goerzen of http://communication.ucsd.edu/A-News/ This Usenet Oldnews Archive article may be copied and distributed freely, provided: 1. There is no money collected for the text(s) of the articles. 2. The following notice remains appended to each copy: The Usenet Oldnews Archive: Compilation Copyright (C) 1981, 1996 Bruce Jones, Henry Spencer, David Wiseman.