Date: Tue, 28 Nov 1995 22:17:45 -0700 From: Nate Williams <nate@rocky.sri.MT.net> To: Terry Lambert <terry@lambert.org> Cc: nate@rocky.sri.MT.net (Nate Williams), freebsd-current@FreeBSD.org Subject: Re: schg flag on make world in -CURRENT Message-ID: <199511290517.WAA19065@rocky.sri.MT.net> In-Reply-To: <199511290210.TAA26584@phaeton.artisoft.com> References: <199511282344.QAA18335@rocky.sri.MT.net> <199511290210.TAA26584@phaeton.artisoft.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Terry Lambert writes: > > WHAT?!? Terry, you're losing it. > > > > Do you understand what the 'secure' flag means? It means that root is > > allowed to directly login via that tty/pty. So, if you have folks who > > need to come in remotely in your scheme, you need to make *ALL* of your > > connections secure, which opens up a huge can of worms. > > Only if they need to su to root after they come in. What normal user > comes in from outside the firewall and su's anyway? All of the folks who do root work on freefall, and David's work on wcarchive. > It's silly to type a root password over an insecure line. That's the > point of not allowing it. Even if the potential cracker types it > right, he types it wrong. 1) If you are that worried about breakin's, use secure telnet or something like that. > > The current behavior is a mix of usefulness plus security. The cracker > > needs to break into an account which is in the 'wheel' group, and then > > they need to crack the root passwd w/out raising suspicions in the > > logfiles while every failed attempt to 'su' to root is logged to the > > screen, the logfile, and any user already su'd to root on the box. > > Logfiles go away after your cracker in, as do the console contents. And > since you can tell other users su'ed onto the machine (as well as anyone > else syslog feels free to bitch at) without arousing suspicions. We might as well give up then, huh? > All your cracker has to do is watch the wire traffic to get your root > password, and use it, if you allow it to be used over the wire in the > first place. If you've got a snooper on the wire, you've got big problems, the least of which is him getting root access. If that is your concern, use a more secure method of communication to the remote system (ssh, etc..) > Setting pty's secure is a silly thing to do in any situation unless, as > is allowing user's to su from unsecure lines. You can 'su' on insecure lines. You can't directly login as root on insecure lines. Nate
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199511290517.WAA19065>