From owner-freebsd-hackers Tue Feb 4 06:43:22 1997
Return-Path:
Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id GAA18631 for hackers-outgoing; Tue, 4 Feb 1997 06:43:22 -0800 (PST)
Received: from toth.ferginc.com (toth.ferginc.com [205.139.23.69]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id GAA18626 for ; Tue, 4 Feb 1997 06:43:19 -0800 (PST)
Received: from toth.hq.ferg.com by toth.ferginc.com (You/Wish) with SMTP id JAA28534; Tue, 4 Feb 1997 09:42:59 -0500 (EST)
Posted-Date: Tue, 4 Feb 1997 09:42:59 -0500 (EST)
Date: Tue, 4 Feb 1997 09:42:54 -0500 (EST)
From: Branson Matheson
X-Sender: branson@toth.hq.ferg.com
Reply-To: branson.matheson@ferginc.com
To: Walter Belgers
cc: freebsd-hackers@FreeBSD.org
Subject: Re: NIS/uids
In-Reply-To: <199702041010.LAA27440@giga.lss.cp.philips.com>
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-hackers@FreeBSD.org
X-Loop: FreeBSD.org
Precedence: bulk

On Tue, 4 Feb 1997, Walter Belgers wrote:

> Hi,
>
> I hope this is the right place to tell my story.
>
> I run FreeBSD 2.1.5. On my system are a bunch of local users but I also
> have users from the NIS database on another system (an HP). In my
> password file the users are defined as follows:
>
> +user::::::::/home/john:/usr/local/bin/tcsh
>
> So I override the homedir and shell.
>
> The problem now is that the security on my system has become dependent
> on that of the NIS server. If I am root on the NIS server I can change
> the uid of "user" into any user including root and make use of it on my
> system. Even if you can only become root using su you can easily first
> become a user in wheel and then root.

That is a fact, because you are using that information from an NIS server,
you will _always_ have a security risk from that server. Anyone that has
root on that server can modify a yp'd entry on that server, change the uid
to 0 and become root on your system very easily.

So by definition, you _have_ to trust your yp servers.

> The obvious solution is to override the uid in the password file:
> +user::1234:1234:::::/home/john:/usr/local/bin/tcsh

You can do that .. but at this point the only win you have over separate
entries in the PW file is a single global password.

> But now I have another problem... the userid is not mapped to the
> username any more.
>
> The fact that "user" now is only known as uid 1234 and not as user
> "user" gives rise to a lot of problems.
>
> Is this a bug or am I overlooking something?

I was able to reproduce this.. it is probably a bug in the login sequence.
I looked at login itself.. but could not find anything obvious... can
someone more experienced look at this?

-branson

=============================================================================
Branson Matheson      | Ferguson Enterprises   | If you're falling off a
System Administrator  | W: (804) 874-7795      | mountain, you might as well
Unix, Perl, WWW       | branson@ferginc.com    | attempt to fly.  -Delenn
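The trust problem the thread describes can be made concrete by modelling how a `+user` line in master.passwd is merged with the NIS passwd map, and then auditing the merged result. The following is an added example written for this archive page; it is not code from the thread, nor FreeBSD's `getpwent(3)` compat implementation. It assumes the classic SunOS-style compat rule that any non-empty field in a `+user` line replaces the corresponding NIS field (FreeBSD 2.1.5's exact behaviour, including the uid-mapping bug Branson reproduced, is not modelled). The master.passwd lines and NIS map below are constructed sample data; the `audit()` check is a suggested defender-side control, not part of any FreeBSD tool.

```python
"""Model NIS compat "+user" merging and audit what the NIS server can grant.

Added example (not from the thread or FreeBSD). Assumes SunOS-style compat
semantics: non-empty fields in a +user line override the NIS entry.
"""
from dataclasses import dataclass
from typing import Dict, List, Tuple

# master.passwd(5) field order on FreeBSD (10 fields).
LOCAL_FIELDS = ("name", "passwd", "uid", "gid", "class", "change", "expire",
                "gecos", "dir", "shell")
# passwd.byname NIS map field order (7 fields).
NIS_FIELDS = ("name", "passwd", "uid", "gid", "gecos", "dir", "shell")
# Fields a +user line may override when non-empty (assumed semantics).
OVERRIDABLE = ("passwd", "uid", "gid", "gecos", "dir", "shell")


@dataclass
class PwEntry:
    name: str
    uid: int
    gid: int
    dir: str
    shell: str
    source: str  # "local" or "nis"


def split_fields(line: str, names: Tuple[str, ...]) -> Dict[str, str]:
    parts = line.rstrip("\n").split(":")
    if len(parts) != len(names):
        raise ValueError(f"expected {len(names)} fields, got {len(parts)}: {line!r}")
    return dict(zip(names, parts))


def resolve(master_passwd: str, nis_map: Dict[str, str]) -> List[PwEntry]:
    """Merge a master.passwd containing +user lines with a NIS passwd map."""
    out: List[PwEntry] = []
    for raw in master_passwd.splitlines():
        if not raw or raw.startswith("#"):
            continue
        local = split_fields(raw, LOCAL_FIELDS)
        if not local["name"].startswith("+"):
            out.append(PwEntry(local["name"], int(local["uid"]), int(local["gid"]),
                               local["dir"], local["shell"], "local"))
            continue
        wanted = local["name"][1:]
        names = list(nis_map) if wanted == "" else [wanted]  # bare "+" pulls everyone
        for n in names:
            if n not in nis_map:
                continue  # modelling choice: unknown NIS user yields no entry
            merged = split_fields(nis_map[n], NIS_FIELDS)
            for f in OVERRIDABLE:
                if local[f] != "":
                    merged[f] = local[f]  # local override wins over NIS value
            out.append(PwEntry(merged["name"], int(merged["uid"]), int(merged["gid"]),
                               merged["dir"], merged["shell"], "nis"))
    return out


def audit(entries: List[PwEntry]) -> List[Tuple[str, str]]:
    """Flag NIS-sourced entries whose uid/gid confer privilege on this host:
    uid 0, gid 0 (wheel), or a uid already owned by a local account."""
    local_uids = {e.uid: e.name for e in entries if e.source == "local"}
    findings: List[Tuple[str, str]] = []
    for e in entries:
        if e.source != "nis":
            continue
        if e.uid == 0:
            findings.append((e.name, "uid 0 supplied by NIS"))
        elif e.uid in local_uids:
            findings.append((e.name, f"uid {e.uid} collides with local account {local_uids[e.uid]}"))
        if e.gid == 0:
            findings.append((e.name, "gid 0 (wheel) supplied by NIS"))
    return findings


# Constructed sample data: the two +user forms from the thread, and a NIS map
# as it would look after the NIS server's root rewrote "user" to uid/gid 0.
LOCAL_UNPINNED = """\
root:*:0:0::0:0:Charlie &:/root:/bin/csh
john:*:1001:1001::0:0:John:/home/john:/bin/sh
+user::::::::/home/john:/usr/local/bin/tcsh
"""
LOCAL_PINNED = """\
root:*:0:0::0:0:Charlie &:/root:/bin/csh
john:*:1001:1001::0:0:John:/home/john:/bin/sh
+user::1234:1234:::::/home/john:/usr/local/bin/tcsh
"""
NIS_TAMPERED = {"user": "user:x:0:0:Remote User:/export/home/user:/bin/sh"}

if __name__ == "__main__":
    for label, pw in (("unpinned", LOCAL_UNPINNED), ("pinned", LOCAL_PINNED)):
        print(label, audit(resolve(pw, NIS_TAMPERED)))
```

With the unpinned line the merged entry for `user` inherits uid 0 and gid 0 from the tampered map, and `audit()` reports both; with the uid and gid pinned locally the NIS server can no longer change who `user` is on this host, which is exactly the trade-off the reply describes (the only thing still taken from NIS is the password).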