From owner-freebsd-audit  Mon Jan 24 11:15:26 2000
Delivered-To: freebsd-audit@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 758)
	id 1EED315A07; Mon, 24 Jan 2000 11:15:11 -0800 (PST)
Received: from localhost (localhost [127.0.0.1])
	by hub.freebsd.org (Postfix) with ESMTP id 0E4B81CD680
	for <audit@freebsd.org>; Mon, 24 Jan 2000 11:15:11 -0800 (PST)
	(envelope-from kris@hub.freebsd.org)
Date: Mon, 24 Jan 2000 11:15:11 -0800 (PST)
From: Kris Kennaway <kris@hub.freebsd.org>
To: audit@freebsd.org
Subject: OPIE audit
Message-ID: <Pine.BSF.4.21.0001241109250.70739-100000@hub.freebsd.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-audit@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Hi guys,

We need to fix up the OPIE utilities so they don't rely on a
world-readable /etc/opiekeys (bad for dictionary attacks, like the recent
w00w00 advisory points out). There are at least two ways to do this:

1) Audit the OPIE code for setuid rootness (this is the path which FreeBSD
went with s/key a few years ago - dunno why opie wasn't done then too) -
or setuid opieness (new uid).
2) Use a small setuid root helper app which does the authentication on
behalf of the non-setuid program.

Thoughts?

Kris

----
"How many roads must a man walk down, before you call him a man?"
"Eight!"
"That was a rhetorical question!"
"Oh..then, seven!" -- Homer Simpson



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-audit" in the body of the message