
Re: XDMCP security?



Hi,

> > On Mon, 23 Sep 1996, Ira Abramov wrote:
> > 
> > >I just discovered that taking away the shell from a user (leaving him only
> > >with pop) won't stop him from getting a shell if he opens an X session
> > >through XDMCP (i.e. any win95 station and a few freewares :-(

I am not sure this is a solution (cannot check it right now), but 
anyway:

When you `take away' a user's shell, most probably you do it by 
assigning /dev/null, which is not a valid shell. However, there is a 
special shell for just these purposes. It is /bin/false. This shell 
allows a user to log in, writes information about the user's mail, and 
exits.

I suspect the freeware Win95 you are talking about can somehow overcome 
an invalid shell but will honor a valid one.

> > A user has the privilege to rename a root owned file or directory
> > inside a directory (the home directory here) that she owns.
> 
> not if root chmods it 000

As long as a directory is owned by a user, he can delete any file 
there, that is, if he can log in :-)

Hope this helps,

Andy

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
*               Andrey Tsouladze                *                   *
*          Webmaster/Systems Manager            *                   *
*                SPL WorldGroup                 * Cogito,           *
*              3b Yoni Netaniyahu               *                   *
*           Or-Yehuda 60200, Israel             *       ergo        *
*    E-mail: andy@spl.co.il                     *                   *
*    E-mail: tsoul@tx.technion.ac.il            *            sum    *
*    E-mail: tsoul@aluf.technion.ac.il          *                   *
*    http://www.spl.co.il/~andy                 *                   *
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
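
The directory-ownership point from the last exchange above, as an added example that is not part of the original message: an audit helper that reports entries a user does not own but can still rename or delete. The function names are hypothetical, and it assumes classic Unix mode bits only (no ACLs or capabilities).

```python
import os
import stat
import tempfile


def can_remove_entry(dir_mode, dir_uid, dir_gid, entry_uid, actor_uid, actor_gids=()):
    """POSIX rule for unlink()/rename() of an entry inside a directory.

    The actor needs write+search on the directory. The entry's own mode is
    never consulted, and its owner matters only if the directory is sticky.
    Assumption: classic mode bits only, no ACLs or capabilities.
    """
    if actor_uid == 0:
        return True
    if actor_uid == dir_uid:
        bits = (dir_mode >> 6) & 7
    elif dir_gid in actor_gids:
        bits = (dir_mode >> 3) & 7
    else:
        bits = dir_mode & 7
    if (bits & 3) != 3:  # both w (2) and x (1) are required
        return False
    if dir_mode & stat.S_ISVTX:  # sticky: must own the entry or the directory
        return actor_uid in (entry_uid, dir_uid)
    return True


def foreign_entries_at_risk(directory, actor_uid, actor_gids=()):
    """Names in `directory` not owned by actor_uid that it can still rename/delete."""
    d = os.lstat(directory)
    hits = []
    for name in sorted(os.listdir(directory)):
        e = os.lstat(os.path.join(directory, name))
        if e.st_uid != actor_uid and can_remove_entry(
                d.st_mode, d.st_uid, d.st_gid, e.st_uid, actor_uid, actor_gids):
            hits.append(name)
    return hits


def demo_mode_000_rename():
    """Constructed demo: a mode-000 file in a directory we own is still renamable."""
    with tempfile.TemporaryDirectory() as home:
        src = os.path.join(home, "locked")
        open(src, "w").close()
        os.chmod(src, 0o000)
        os.rename(src, src + ".moved")
        return os.listdir(home)
```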

