SU vulnerability
Sergey
mafia_rgd at mail.ru
Fri Dec 9 06:59:30 UTC 2005
A long time ago I decided to protect my system by allowing *ONLY* users in the wheel
group to su to root. This helps protect the system: regardless of whether you
know the root password or not, you cannot su as long as the system
administrator does not put you into the wheel group.
As far as I know this is the default behaviour of FreeBSD.
In Red Hat you do it by uncommenting a line in /etc/pam.d/su:
# Uncomment the following line to require a user to be in the "wheel" group.
auth required /lib/security/$ISA/pam_wheel.so use_uid
This protects both su and kdesu.
What do you think? This is useless - it does not protect the system at all, as
I've thought for a long time.
The system-config-users utility, a little program to manage users, has *NOTHING*,
not even a little mention anywhere, that it breaks the security.
Anyone who knows the root password logs in as a regular user by ssh. Using X
forwarding, he executes system-config-users, enters the root password and does
ANYTHING he wants to the system. In particular, he adds himself to the wheel
group and su's to root, while the system administrator sleeps well knowing
that he cannot su because he's not in the wheel group.
^^#$#$&^#^$%^
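
An audit for the gap described in this post, added here as an example and not part of the original message: it lists root-prompting helpers whose PAM service does not require pam_wheel. It assumes the Red Hat usermode layout, where each helper has a file in /etc/security/console.apps/ (containing USER=root) and a same-named service in /etc/pam.d/; the function names and the sample tree are constructed for illustration.

```python
import os, pathlib, re, tempfile

AUTH = re.compile(r"^-?auth\s+(\[[^\]]*\]|\S+)\s+(\S+)\s*(.*)$")
AS_ROOT = re.compile(r"^\s*USER\s*=\s*root\s*$", re.M)

def auth_stack(pam_dir, service, seen=()):
    """(control, module) pairs of a service's auth stack, following includes."""
    path = pathlib.Path(pam_dir, service)
    if service in seen or not path.is_file():
        return []
    stack, seen = [], seen + (service,)
    for raw in path.read_text().splitlines():
        m = AUTH.match(raw.split("#", 1)[0].strip())   # ignore commented-out lines
        if not m:
            continue
        control, module, args = m.group(1), os.path.basename(m.group(2)), m.group(3)
        if control in ("include", "substack"):          # auth include system-auth
            stack += auth_stack(pam_dir, module, seen)
        elif module == "pam_stack.so":                  # older Red Hat include form
            svc = re.search(r"\bservice=(\S+)", args)
            stack += auth_stack(pam_dir, svc.group(1), seen) if svc else []
        else:
            stack.append((control, module))
    return stack

def enforces_wheel(pam_dir, service):
    """True only if pam_wheel.so is a mandatory step of the auth stack."""
    return any(mod == "pam_wheel.so" and ctl in ("required", "requisite")
               for ctl, mod in auth_stack(pam_dir, service))

def root_helpers_without_wheel(pam_dir, apps_dir):
    """Helpers configured with USER=root whose PAM service never calls pam_wheel."""
    return [name for name in sorted(os.listdir(apps_dir))
            if AS_ROOT.search(pathlib.Path(apps_dir, name).read_text())
            and not enforces_wheel(pam_dir, name)]

def build_sample():
    """Constructed sample tree (not copied from a real system)."""
    root = pathlib.Path(tempfile.mkdtemp())
    wheel = "auth required /lib/security/$ISA/pam_wheel.so use_uid\n"
    inc = "auth required pam_stack.so service=system-auth\n"
    files = {"pam.d/system-auth": "auth sufficient pam_unix.so\n",
             "pam.d/su": wheel + inc,
             "pam.d/system-config-users": "#" + wheel + inc,   # wheel line left commented
             "console.apps/system-config-users": "USER=root\n"}
    for rel, text in files.items():
        (root / rel).parent.mkdir(exist_ok=True)
        (root / rel).write_text(text)
    return str(root / "pam.d"), str(root / "console.apps")
```

On a live host the call would be root_helpers_without_wheel("/etc/pam.d", "/etc/security/console.apps"); any name it returns accepts the root password from users outside wheel.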