[prev in list] [next in list] [prev in thread] [next in thread]
List: bugtraq
Subject: Re: ftpd bug? Was: bin/1805: Bug in ftpd
From: "Brad.Powell" <Brad.Powell () West ! Sun ! COM>
Date: 1996-10-17 9:41:08
[Download RAW message or body]
In article:
>Date: Wed, 16 Oct 1996 14:11:02 -0400
>From: Andrew Dills <dills@husc.harvard.edu>
>Subject: Re: ftpd bug? Was: bin/1805: Bug in ftpd
>X-To: gamble@dxcoms.CERN.CH
>To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG>
>
Andrew writes:
>Do you have core dumps turned off?
>
>I forget where it is in 4.1.1, but under Solaris you can a line in
>/etc/system to set coredump size.
>
>Set it to 0, and you can avoid these problems.
core dump size in /etc/system doesn't do what you want since that has to
do with system core dumps, however your on the right track. :-)
If you were to modify /etc/rc2.d/S72inetsvc and change the (last)
line where inetd starts up to first start up a shell; limit
its corefilesize to zero and have the shell start up /usr/sbin/inetd -s
then all inetd services would not be able to dump a core file.
I used to do this in the old days of 4.1.X for rpc.pwauthd since if an
intruder gained root they could do a gcore on the rpc.pwdauthd and get
whatever system passwords were sitting in there (cleartext). I know if
they already have root big deal right? Well gaining root in one location
shouldn't help breaking other hosts, and unfortunately users/administrators
have a tendancy of re-using passwords accross many hosts. I've seen Sun's
fall because of a bug in VMS (and vice versa) :-) simply because the admin
used the same password on both boxes.
=======================================================================
Brad Powell : brad.powell@Sun.COM
Sr. Network Security Architect/Consultant
Sun Microsystems Inc.
=======================================================================
The views expressed are those of the author and may
not reflect the views of Sun Microsystems Inc.
=======================================================================
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic