Date: Fri, 17 May 1996 10:55:58 -0700 From: Paul Traina <pst@shockwave.com> To: Vladimir Jojic <vjojic@EUnet.yu> Cc: freebsd-security@freebsd.org Subject: Re: very bad Message-ID: <199605171755.KAA00746@precipice.shockwave.com> In-Reply-To: Your message of "Fri, 17 May 1996 12:09:30 %2B0200." <199605171009.MAA00475@EUnet.yu>
next in thread | previous in thread | raw e-mail | index | archive | help
We've talked about stuff like this in the past in other forums (not FreeBSD
specific) and the conclusion time and time again is that it's so totally
trivial to spoof this sort of thing that the only way to handle security
issues is full disclosure.
FIRST, an organization of CERT-like groups, where everyone ostensibly knows
everyone else, leaks information like mad. Given the time and trouble they
went through to avoid this, a perl script isn't going to cut it. :-(
If there's something sensitive that should be confidential, it should be
sent to "security-officer@freebsd.org" who can then pull in the right
resources.
We'll go for full disclosure as soon as we can verify and patch around the
problem, so that EVERYONE gets an even shot at fixing it.
Paul
From: Vladimir Jojic <vjojic@EUnet.yu>
Subject: Re: very bad
Hi,
What IS very bad about this whole thing, isn't existance of this bug,
as much as how easliy information about it can be obtained. Even if
you do send patch along with info, there is still danger that someone,
gets up earlier than root, and then ... (sweat dreams, root!)
I am not very familiar with mailing list programs, but there is posible
improvment (if it isn't yet done):
- add special class of mailing list, such as security list
- when user wants to be added to this list, program checks
if his root (of system from which mail came) is on the
list:
1. yes, inform root (or address he left), about
that user (even ask if he allows him to join
this list, this is a bit fascist, but that's
security)
2. not, inform root about existence of this list
ask him if he wants to join (where to send him
mail, how much to *delay* info on bugs to users
on his system, or not even allow them to join
(hey, maybe system is crackers nest))
if not, ask him should the user be allowed to
join list
I believe that it is obvious why *delay* is so important.
This is just the sketch, of course.
Maybe this message isn't for this list, but it certainly concerns, all
of the readers.
I admit that *delay* is a bit strong, but so are the closed list.
There is still one problem, if we have a roOT od small system not
connected to Internet, he can receive mail only on other system,
that is connected. ROot of system connected to Internet, receives
info before roOT of small system, and if has any malicious intention,
he can surely, mess things up. But that comes to domain of human nature.
I am not saying that this will solve all problems, but will
*delay* some.
Please, give your opinions on this,
Vladimir Jojic
(guru apprentice, still looking for teacher ... :)
vjojic@EUnet.yu
>
> On Fri, 17 May 1996, Jordan K. Hubbard wrote:
>
> > Ow! :-(
> >
> > Thanks for reporting this!
> >
> > You know though, for ones this bad I'd really rather you sent the
> > message to security-officer@freebsd.org rather than freebsd-security
> > in the future. There are easily over 1000 people on this list and you
> > just announced a cookbook method for any shell account user to go root
> > on a FreeBSD based ISP box; hardly the kind of information one would
> > want to see widely circulated without a prepared fix, at the
> > least. :-(
> > Jordan
>
> Too bad it's already on BUGTRAQ and BoS which is way more than 1000 :-(
> And I would have sent it to security-officer@freebsd.org had I even known
> of such an address. The prepared fix is chmod u-s /sbin/mount_union.
>
> == Chris Layne ======================================== Nervosa Computing =
>>=
> == coredump@nervosa.com ================ http://www.nervosa.com/~coredump =
>>=
>
>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199605171755.KAA00746>