[svlug] restricted access

[James W. Abendschan]

On Tue, 11 Aug 1998, Arthur Thomas wrote:
> I have heard that this creates a possible security risk. Running an 
> application or script allows the possiblity for someone to ctrl-c or 
> something like that and have access.

As Ray described it, his perl script was not run insecurely.  When
you run a program from the shell (say, out of a .login or .profile)
you are succeptible to the ^C and ^\ tricks.  However, if you run
your program directly from /bin/login by making it the shell field
of the passwd file, those problems vanish.

The issues are twofold -- one, giving a shell the opportunity to
get a signal, and two, giving the program an opportunity to catch
a signal and then return control to the shell.

I've seen .profile/.login's that avoid the second by doing

	exec /some/program

but the intruder still has a window of opportunity between the time
the shell opens up the .profile/.login and begins executing lines.
This is trival to do on slow machines, and nowadays it's not always
difficult to slow computers down remotely (case in point, recent Apache
HTTP header bug.)

The right thing to do is to run your perl or compiled C program
as the shell.  Of course, you still want to make sure your code
doesn't do anything stupid.. :)

James

--
James W. Abendschan
http://www.jammed.com/
I want the TCP/IP equivalent of a Rat Thing.


--
echo "unsubscribe svlug" | mail majordomo at svlug.org
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ to unsubscribe