[svlug] Speaking of security issues...

Timothy King tking at netstarcomm.net
Tue Sep 22 15:37:49 PDT 1998

Previous message: [svlug] "But whom are they going to sue?"
Next message: [svlug] if you liked the "Launch Win98" event...
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The postings regarding security issues with logon validation reminded me
of this problem with RH 5.1 for Intel.  When trying to log on, if you
accidently enter your password at the "login:" prompt, and then log on
correctly, you can see your password if you do a "ps ax | grep login". 
I've only tried this from the console, don't know if the same thing
happens during telnet.

This happens in kernel 2.0.34 and 2.0.35. I posted this in the RH
support when I first started using RH back in June, but of course never
heard anything back from them (nor any other items I submited during my
"90 days free support").  I haven't seen anything about it in the errata
either.  To me, this seems like a big security problem because it is not
uncommon for someone to accidently type the password at the login
prompt.

--
Tim King
tking at netstarcomm.net

--
echo "unsubscribe svlug" | mail majordomo at svlug.org
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ to unsubscribe

Previous message: [svlug] "But whom are they going to sue?"
Next message: [svlug] if you liked the "Launch Win98" event...
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the svlug mailing list