[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SU for group admin



Hi
Do not make this without protecting your /etc/passwd file it's very
dangerous because an simple user could take the root shell.
To resolve the problem you could write a program that turn in background
and detect all new root shell(the +loginname:...)and close the account and
mail to the supervisor a warning.
by.
         Meir Faraj

On Tue, 1 Jul 1997, Peter Lorand Peres wrote:

> Date: Tue, 1 Jul 1997 18:16:15 +0300 (EET DST)
> From: Peter Lorand Peres <plp@actcom.co.il>
> To: Eizner Constantin <eizner@research.haifa.ac.il>
> Cc: linux-il@linux.org.il
> Subject: Re: SU for group admin
> 
> You must write a C program or a set of scripts (less secure) that
> manipulate the /etc/groups file in an atomic way and that runs as (suid)
> root. This is NOT a trivial programming problem. There are bad security
> problems associated with this. The systemthat this imlpements needs to be
> at least as good as the system's passwd security.
> 
> On Mon, 30 Jun 1997,
> Eizner Constantin wrote:
> 
> > Hi all.
> > How can I get to some user options to change the users pasword only for
> > his group. SUDO doesn't help.
> > Any Idea?
> > 
> > Any informatiob would be appreciated.
> > 
> 
> Peter Lorand Peres
> ------------------
> plp@actcom.co.il 100310.2360@compuserve.com
> http://ourworld.compuserve.com/homepages/plp
> 
> 

____________________________________________________
Meir
    Faraj
         E_mail:faraj@avoda.jct.ac.il
                faraj@beitza.jct.ac.il
                faraj@zara26.jct.ac.il
                faraj@shekel.jct.ac.il
         web:http://shekel.jct.ac.il:80/~faraj
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
tel:972-2-6489089        / 02-6489089
    972-50-982625        / 050-982625
address:21 avaad aleumi jerusalem
     _______          _________        ____________
     |___ _|        / _________|       \____  ______\
        | |         | |                     | |
        | |         | |                     | |
 ______/  /       _ | |_________    _       | |  _
 |_______/       |_| \__________|  |_|      |_| |_|
____________________________________________________


References: