Date: Sun, 12 Jul 1998 11:07:38 +1100 (EDT)
From: Andrew MacIntyre <andymac@bullseye.apana.org.au>
To: Jake Hamby <jehamby@manta.jpl.nasa.gov>
Cc: security@FreeBSD.ORG
Subject: Re: RootRunner (admin GUI w/o security holes?)
Message-ID: <Pine.OS2.3.95.980712105747.100A-100000@CENTRAL>
In-Reply-To: <Pine.GSO.3.96.980710141343.3715A-100000@manta>
On Fri, 10 Jul 1998, Jake Hamby wrote:
> I'm currently working on an administration GUI tool for FreeBSD, Linux,
> and Solaris. I've bitten off a rather large chunk of features that I'd
> like to implement before my deadline of August 15 (which should be enough
> of a clue for some of you to figure out why I'm working on this now), but
> I hope to implement at least basic user, group, network, and package
> management.
{.....}
> Even better, my program will (optionally) show the user which commands
> it's executing, and as much as possible, use the tools in /sbin and
> /usr/sbin rather than directly talking to the OS. The only other program
> I've heard of that works this way is SMIT on AIX, and it sounds very
> useful. I can simply echo the output of each command to a subwindow of
> the GUI and in the process, teach the actual UNIX commands to new
> sysadmins, rather than hiding it from them. Are there any potential
> security holes with this approach?
I like the idea, and have used SMIT on AIX 3.2.5, and the concept is
useful.

WRT the security problems, I'm not a security guru; however, slightly
extending your concept to support access to remote systems (using ssh as
suggested by another poster in this thread) could be _very_ useful.
Having 2 access mechanisms (local & remote) could be a bit cumbersome
though...
{.....}
> Is there any possibility (especially in BSD and Linux, which require you
> to search the /dev/ptyXX space to find an open pty), for race conditions
> where an eavesdropper could get the root password through the pty when
> someone else is running the admin GUI? Any pointers on how to write this
> section of the code (if it would need to be any different from the way
> that, for example, xterm grabs a pty) would be helpful.
Perhaps you want to look at the source for the telnet daemon, which does
basically this IIRC.
{.....}
--
Andrew I MacIntyre "These thoughts are mine alone..."
E-mail: andrew.macintyre@aba.gov.au (work) | Snail: PO Box 370
andymac@bullseye.apana.org.au (play) | Belconnen ACT 2616
Fido: Andrew MacIntyre, 3:620/243.18 | Australia
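
Added example, not part of the original message or of RootRunner: one way to handle the pty question quoted above on a current POSIX system, in Python. It lets the system allocate the pair through os.openpty() instead of scanning /dev/ptyXX names, then checks the slave's owner and mode on the open descriptor before anything sensitive is written to it. The function names and the permission policy (owner-only, group write tolerated) are assumptions made for illustration.

```python
import os
import stat


def slave_is_private(st, uid):
    """Accept only a character device owned by uid that 'other' cannot touch.

    Group write is tolerated (mode 0620 with a tty group is common); group or
    world read is not, since a second reader on the slave could receive what
    the GUI writes to the master. This policy is an assumption of the example.
    """
    forbidden = stat.S_IRGRP | stat.S_IROTH | stat.S_IWOTH
    return (stat.S_ISCHR(st.st_mode)
            and st.st_uid == uid
            and st.st_mode & forbidden == 0)


def alloc_private_pty():
    """Return (master_fd, slave_fd), or raise if the slave is not private."""
    # The system hands out an unused pair; there is no scan of /dev/ptyXX
    # names that another process could win or have pre-opened.
    master, slave = os.openpty()
    try:
        # fstat() the descriptor that will actually carry the password,
        # not a path, so the check and the use refer to the same object.
        if not slave_is_private(os.fstat(slave), os.getuid()):
            raise PermissionError("pty slave is accessible to other users")
    except BaseException:
        os.close(master)
        os.close(slave)
        raise
    return master, slave


if __name__ == "__main__":
    m, s = alloc_private_pty()
    print("private pty:", os.ttyname(s))
    os.close(s)
    os.close(m)
```
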
