From owner-freebsd-security  Wed Apr 24 16:10:52 2002
Delivered-To: freebsd-security@freebsd.org
Received: from harrier.csrv.uidaho.edu (harrier.csrv.uidaho.edu [129.101.119.224])
	by hub.freebsd.org (Postfix) with ESMTP id EF7C537B416
	for <freebsd-security@freebsd.org>; Wed, 24 Apr 2002 16:10:49 -0700 (PDT)
Received: from uidaho.edu (oblivion.csrv-staff.uidaho.edu [129.101.66.165])
	by harrier.csrv.uidaho.edu (8.9.3 (PHNE_22672)/) with ESMTP id QAA05567;
	Wed, 24 Apr 2002 16:08:27 -0700 (PDT)
Message-Id: <200204242308.QAA05567@harrier.csrv.uidaho.edu>
Date: Wed, 24 Apr 2002 16:08:54 -0700 (PDT)
From: Jon DeShirley <jond@uidaho.edu>
Subject: Re: su: s/key
To: "Patrick O. Fish" <patrick@pwhsnet.com>,
	freebsd-security@freebsd.org
In-Reply-To: <00d801c1ebe3$7e354b50$0300a8c0@zeus>
MIME-Version: 1.0
Content-Type: TEXT/plain; CHARSET=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

On 24 Apr, Patrick O. Fish wrote:
> yeah, my security officer tried it to see if it would work.  he patched it,
> but im trying to get rid of the s/key prompt

If it'll be any help, this is the exploit code he probably used:

http://online.securityfocus.com/archive/1/269102/2002-04-21/2002-04-27/0

You'll probably want to take a look at /etc/skeykeys [from keyinit(1)].

--jon


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message