tech-security archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: unsafe file permissions on /usr/bin/login



So, to elaborate, consider this:

I can disable remote root logins.
If the /usr/bin/login binary is suid-root I can log in remotely as an unprivileged user and then elevate privileges (to root) with the login binary from the shell.

That is very susceptible to attack, in my opinion.

On Wed, Nov 28, 2018 at 10:56 AM JP <rlntlss83%gmail.com@localhost> wrote:
The file should not be suid

On Wed, Nov 28, 2018 at 10:50 AM Joerg Sonnenberger <joerg%bec.de@localhost> wrote:
On Wed, Nov 28, 2018 at 09:51:10AM -0500, JP wrote:
> The suid bit is set on the /usr/bin/login binary.  This results in the
> system being susceptible to a manual (login) attack on user accounts
> (including root).  An attack can be initiated by any user with a shell.
> (Also, consider a system with no root password - my preferred)

WTF are you talking about. Using /usr/bin/login is not an attack. It's a
*login*.

Joerg


Home | Main Index | Thread Index | Old Index