lostecho/oldlinux-files
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
master
oldlinux-files/mail-archive/linux-admin/Volume2/digest31
gohigh a778c607a4 add directory mail-archive
2024-02-19 00:25:02 -05:00

603 lines
21 KiB
Plaintext
Raw Permalink Blame History

From: Digestifier <Linux-Admin-Request@senator-bedfellow.mit.edu>
To: Linux-Admin@senator-bedfellow.mit.edu
Reply-To: Linux-Admin@senator-bedfellow.mit.edu
Date: Tue, 6 Sep 94 20:13:24 EDT
Subject: Linux-Admin Digest #31
Linux-Admin Digest #31, Volume #2 Tue, 6 Sep 94 20:13:24 EDT
Contents:
Re: WARNING about shadow-mk package (Peter Dalgaard SFE)
Re: UID 0 Passwd blues (Joe Zbiciak)
Re: Timing out connections? (Herbie Pearthree)
Re: [ALERT] Password problem with Linux (James Beckwith)
Re: Xircom under Linux ? (laboratorium dydaktyczne)
Unremovable inode! HELP (Raghunath K. Rao)
Re: What MTU for SLIP links ? (Alan Cox)
Re: [ALERT] Password problem with Linux (Tracy R. Reed)
"write" with shell? (Emarit Ranu)
Re: WARNING about shadow-mk package (Joe Zbiciak)
HELP Security Access (Larry Schmitt)
Re: virtual memory exhausted error (Joe Dane)
Request for XConfig (JASON H KELTZ)
Re: PPPD permissions (Thomas Quinot)
Re: ? Kernel (1.1.47) ftape incompatibility (Oz Dror)
Re: Slackware on CD-ROM [?] (Eric Kwok-Wai Ng)
Re: WARNING about shadow-mk package (Viktor T. Toth)
----------------------------------------------------------------------------
From: pd@kubism.ku.dk (Peter Dalgaard SFE)
Subject: Re: WARNING about shadow-mk package
Date: 6 Sep 1994 16:24:09 GMT
In <im14u2c.778823028@cegt201> im14u2c@cegt201.bradley.edu (Joe Zbiciak) writes:
>In <34a0m7$5l9@news.xs4all.nl> bjdouma@xs4all.nl (Bauke Jan Douma) writes:
>>In article <34600t$l3r@news.xs4all.nl>, bjdouma <bjdouma@xs4all.nl> wrote:
>>>Here's the snippet from the Makefile where login is installed:
>>>
>>> install -m4755 login $(LOGINDIR)/_login
>>> install -m4711 login.secure $(LOGINDIR)/login
>>>
>>>So how secure can it be that there are no sources.
>>>Just asking.
>I apologize. I am the author of the /bin/login replacement that is included
>in the shadow-mk package. Mohan Kokal, the author of the shadow-mk package,
>is not to blame. I had asked him not to distribute my (ugly) source. :-)
This seem to settle that login.secure is indeed completely
innocent. HOWEVER: May I ask a stupid question? Why is the
original login being installed setuid? As far as I can see,
nothing is keeping users from just typing /bin/_login -froot,
and exploit the original security hole.... (Permissions should
be 744 or something like that)
--
O_ ---- Peter Dalgaard
c/ /' --- Dept. of Biostatistics
( ) \( ) -- University of Copenhagen
~~~~~~~~~~ - (pd@kubism.ku.dk)
------------------------------
From: im14u2c@cegt201.bradley.edu (Joe Zbiciak)
Subject: Re: UID 0 Passwd blues
Date: 6 Sep 1994 12:44:14 -0500
In <34hi6r$o5d@harbinger.cc.monash.edu.au> kevinl@bruce.cs.monash.edu.au (Kevin Lentin) writes:
>Anton de Wet (adw@Chopin.rau.ac.za) wrote:
>> I ran accross an inconvenient ``feature'' of the passwd program yesterday.
>> On one of our Linux boxes we have 3 UID 0 users --- root and two others.
>> Since initial setup a week ago, everything was working fine, but suddenly
>> the root password was invalid :-( After some investigation and experimenting
>> we found that one of the users had changed his password and that this changes
>> all the UID 0 passwords to the same thing.
>Having multiple accounts with the same uid and different names are bound to
>cause trouble. Some programs may use other methods besides getuid() to
>figure out who you are. $LOGNAME. getlogin(), who knows what they might
>return.
Very true, but not too much of a problem. On my system, I have two root
accounts, both with the same password. Why? 'Cause I like to be logged
in as root, but I feel showing up as root is bad form. So, I log in as
someone else. Everything works ok though. Note that anything root is
disallowed to do, such as ftp or login via remote, the alternate root is
also disallowed from doing, though.
In fact, the second root login is a bit of a joke:
Login:*:0:0:Name,Office ,Office Phone,Home Phone,:/Directory:Shell
(BTW, I made links from /Directory to ~root, and /Shell to /bin/bash....)
Try creating a similar user and fingering them... :-)
(You may wanna change the UID if you fear a security risk.)
>necessary. Do your root users change so frequently that it's aproblem? Why
>not just have one root account and let the people all use 'su'?
A better solution would be to investigate "sudo" that comes with newer
Slackware distributions. It allows "blessed persons" to "do super things."
A configuration file can be made that says just what sudo privs each
user has, and all that was done with sudo. Bear in mind if a user is UID 0,
there is *no stopping* that person from circumventing anything you might
do to keep them from taking over the entire system. Use 'su' or 'sudo'
rather than making three root accounts.
>If you must have multiple users, could you not put them all in one group
>(eg wheel) and then have a setuid root shell that is only executable by
>group wheel. I'm sure this opens up a security hole but probably nothing
>worse than you're already faced with.
suid-root shells are limited in scope: Some things just don't work.
>> Is this supposed to be so? I think not. What is the easiest way to fix it?
>> (I'm using Slackware 2.0 distribution)
Definately look into "sudo" then.
--Joe
------------------------------
From: HPear3@ind.net (Herbie Pearthree)
Subject: Re: Timing out connections?
Date: Tue, 6 Sep 1994 16:35:38 GMT
In article <1994Sep4.040045.18857@dithots.org>, gwp@dithots.org (George W.
Pogue) wrote:
> I know this has been asked, but I may have missed the answer. Is there a
> way if someone dials into the system, and then goes on vacation, to have
> the system hang them up?
Get idlelogout.tart.gz (also called autologout) from sunsite.unc.edu. I
don't remember the path. It is also on my server ftp.ind.net in
pub/ftpdir/linux/apps/idleout.tar.gz. This will log them off your
host...Herbie
--
Herbie Pearthree, INDnet Sr. Network Engineer
Indiana Higher Education Telecommunication System
------------------------------
From: James Beckwith <beckwith@io.org>
Subject: Re: [ALERT] Password problem with Linux
Date: 6 Sep 1994 16:51:22 GMT
In article <34h2rl$b37@stratus.skypoint.com> , gaj@skypoint.com writes:
>flame, but lets not shoot ourselves in the foot...
I hope this isn't TOO inappropriate a spot, but liked the *patience* with
newbie note. I am newbie enough that often the sarcasm is lost on me, but
appreciate the answers that go with it. BTW, 30 years at least can't
really be that long. By my calc, U*IX passwords can't be over 22 years
old.
Any suggestions about using a cracker to check out new passwords before
saving them?
------------------------------
From: stud37@sun1000.ci.pwr.wroc.pl (laboratorium dydaktyczne)
Subject: Re: Xircom under Linux ?
Date: 6 Sep 1994 16:15:16 GMT
Werder Christian (ib93werd@htl-bw.ch) wrote:
: --------> HELP
: I've bought a Xircom Ethernet-Adapter, and now I have
Don't do that.
: a big problem !!!!!
Yes, a big problem.
: Is there a chance to install it under Linux ???
No. :-(
: The matter is that I didn't found any driver for it :-(
: Can anybody help me ???
: Thanks.
Read the Ethernet-HOWTO before buying ethernet adapters for Linux.
Xircom doesn't want to release programming information, which is
their "proprietary trade secret". Unless they change their policy,
their adapters will not be supported by Linux.
If they don't support open operating systems, just don't buy their
products. Try to sell your Xircom adapter to someone who only
uses DOS/Novell/whatever, and buy 3c503, ne2000, smc/wd8013 etc.
Same problem with some Cabletron ethernet adapters (except E21xx),
Diamond Stealth SVGA cards, and APC Smart-UPSes. :-(
Hope this helps.
Marek Michalkiewicz
marekm@i17linuxa.ists.pwr.wroc.pl || stud37@ci3ux.ci.pwr.wroc.pl
------------------------------
Crossposted-To: comp.os.linux.help
From: thssrkr@iitmax.iit.edu (Raghunath K. Rao)
Subject: Unremovable inode! HELP
Date: Tue, 6 Sep 94 16:22:36 GMT
Hi,
Recently I had to delete my /var/log/notice file since it became
too large (14 Mb). It was logging an ethernet card error continuously!
But then I found the space for that deleted file was not freed.
So I ran an e2fsck and then the file appeared in /lost+found. But
again it was undeletable! I dont know how this can happen.
Well, finally (since I needed the space), I rm'ed the file, and
then used e2fsck, but this time I didn't move the inode to lost+found,
but just unmarked all the blocks used by it.
So I now have the space I need, but I still can't delete the *&$% inode.
No problems right now in the system, but I dont like that inode to
be left allocated.
Anyone know of a fix????
Thanks a lot
Raghu
------------------------------
From: iialan@iifeak.swan.ac.uk (Alan Cox)
Subject: Re: What MTU for SLIP links ?
Date: Tue, 6 Sep 1994 16:29:13 GMT
In article <CvGtMB.HI@Elbereth.thur.de> erik@Elbereth.thur.de (Erik Heinz) writes:
>What MTU should one choose for a SLIP link using recent 1.1.* kernels?
>What is the maximum value, and what is a good choice?
Max is about 32000 bytes but I wouldn't recommend it. BSD systems tend to
use 1006 bytes. Others 576 or 296. It's a trade off. The higher you make it
the more efficient block transfers are and the less pleasant a telnet session
while doing an ftp is.
Alan
--
..-----------,,----------------------------,,----------------------------,,
// Alan Cox // iialan@www.linux.org.uk // GW4PTS@GB7SWN.#45.GBR.EU //
``----------'`----------------------------'`----------------------------''
------------------------------
From: treed@ucssun1.sdsu.edu (Tracy R. Reed)
Subject: Re: [ALERT] Password problem with Linux
Date: 6 Sep 1994 18:38:11 GMT
James Beckwith (beckwith@io.org) wrote:
: Any suggestions about using a cracker to check out new passwords before
: saving them?
There are a couple of utilities on sunsite that do this. One is called
Crack, I don't remember what the other is called. One of them scans your
passwd file for easily guessed passwds and find files with inappropriate
permissions, etc. It's really sort of neat.
--
=============================================================================
Mr. Tracy Reed |Every artist is a cannibal.| Why did dad cry
San Diego State Univ. |Every poet is a thief. | when I gave him
Aerospace Engineering |All kill their inspiration | Willmaker 1.0?
treed@ucssun1.sdsu.edu |And sing about their grief.|
treed@tbn-bbs.com |-U2 IRC-Maelcum /me smiles |
=============================================================================
------------------------------
From: drranu@lamar.ColoState.EDU (Emarit Ranu)
Subject: "write" with shell?
Date: 6 Sep 1994 19:01:37 GMT
On the AIX machine on campus here, the "/usr/bin/write" has
a nice fancy feature where one can type "!" as the first
character on a new line and everything typed afterwards
is interpreted by "/bin/sh". So if, while in a "write",
I type on a new line:
!ls -l /bin
I get just that. Is there a source code for "write" that
compiles under Linux with this same feature? If there is,
please direct me to it.
Thank you!
--
-Emarit drranu@lamar.ColoState.EDU
KG0CQ _._ __. _____ _._. __._
------------------------------
From: im14u2c@cegt201.bradley.edu (Joe Zbiciak)
Subject: Re: WARNING about shadow-mk package
Date: 6 Sep 1994 12:25:17 -0500
In <34i539$549@news.uni-c.dk> pd@kubism.ku.dk (Peter Dalgaard SFE) writes:
>In <im14u2c.778823028@cegt201> im14u2c@cegt201.bradley.edu (Joe Zbiciak) writes:
>>In <34a0m7$5l9@news.xs4all.nl> bjdouma@xs4all.nl (Bauke Jan Douma) writes:
>>>In article <34600t$l3r@news.xs4all.nl>, bjdouma <bjdouma@xs4all.nl> wrote:
>>>>Here's the snippet from the Makefile where login is installed:
>>>>
>>>> install -m4755 login $(LOGINDIR)/_login
>This seem to settle that login.secure is indeed completely
>innocent. HOWEVER: May I ask a stupid question? Why is the
>original login being installed setuid? As far as I can see,
>nothing is keeping users from just typing /bin/_login -froot,
>and exploit the original security hole.... (Permissions should
>be 744 or something like that)
This is indeed a valid question. The correct permissions for
/bin/_login should be either 4500 or 0500, not 4755. I spoke
with Mohan just now, and he seems to think that later in the
install, the permissions on /bin/_login get fixed. The reason
for having them set 4755 at the start is that in case /bin/login
goes caputz, one is still able to rescue the original /bin/login
to rectify the situation.
Indeed on "asylum," my personal box, /bin/_login has permissions
of 4500.
I will investigate this situation further.
--Joseph R.M. Zbiciak
Systems Admintrator & Programmer
Texas Networking Systems, Inc
DISCLAIMER: Neither this post, nor any other post made by me, reflects
the opinions of my various employers, unless EXPLICITLY
stated. All opinions stated herein are mine unless otherwise
noted.
:= Joe Zbiciak == im14u2c@ =:
:- - cegt201.bradley.edu - -:
If it works, Don't fix it. : - camelot.bradley.edu - :
:-Finger for PGP Public Key-:
:===========================:
------------------------------
From: schmittl@cc.memphis.edu (Larry Schmitt)
Subject: HELP Security Access
Date: 6 Sep 94 12:50:39 -0500
Help -
We just installed Slackware 1.2 using the standard installation. We now have
an interesting situation. It is possible to use telnet and ftp out of the
machine. Mail works in and out of the machine but it is impossible to either
telnet, rlogin or ftp in to the machine.
In telnet the following prompt is received when telnet is attempted, but no
login prompt is ever issued.
/home/lschmitt > telnet thunderbird
Trying 198.78.128.202...
Connected to thunderbird.cbu.edu.
Escape character is '^]'.
/home/lschmitt > ftp thunderbird
Connected to thunderbird.cbu.edu.
421 Service not available, remote server has closed connection
We have gone through the RC and config files and there is no obvious problem.
The command xhost + when executed, gives no errors and says that security is
removed but this does not help the situation. Inetd is running.
Has anyone seen this before?? Any ideas will be greatly appreciated.
We have successfully installed Linux using slackware 1.2 on two other machines
with no problem.
------------------------------
From: dane@electron.ps.uci.edu (Joe Dane)
Subject: Re: virtual memory exhausted error
Date: 6 Sep 94 17:55:29 GMT
Are you sure there's a swapon command in your /etc/rc* files?
Use grep to look around for it.
--
Joseph Dane "We have lingered in the chambers of the sea
UC Irvine Physics By sea-girls wreathed with seaweed red and brown
dane@nucleus.ps.uci.edu Til human voices wake us, and we drown."
(714)725-2606 T.S. Eliot
------------------------------
From: cs911089@ariel.cs.yorku.ca (JASON H KELTZ)
Subject: Request for XConfig
Date: Tue, 6 Sep 1994 17:35:14 GMT
I recently set up Slackware Linux 2.0.0 on my machine. I have been
trying to set up XFree, but I'm finding the XConfig a bit confusing.
Though I have it working with standard VESA settings, I was wondering if
someone might be able to provide me with a better XConfig. My monitor is
an ATI Graphics Ultra Pro (ISA), and I'm using a NEC MultiSync 3V monitor.
The configuration program that came with XFree doesn't mention my monitor.
Of course, if someone could tell me where I could get more detailed
information on the XConfig file that would be great too. The two particular
problems I'm having are with the "Clocks" section, and the "modedb" section.
If someone can help me out, I'd be very greatful. I've just joined this
newsgroup as well, so if this is a bad place to post this kind of
message, please direct me to a better place.
Thanks!
Jason Keltz
cs911089@ariel.cs.yorku.ca
------------------------------
From: thomas@melchior.frmug.fr.net (Thomas Quinot)
Subject: Re: PPPD permissions
Date: 5 Sep 1994 15:33:08 +0200
Le Prostetnic Vogon Gregory Trubetskoy <20>crit :
> What should I do to make this permitted? Somewhere in the README's it sais
> that pppd should be run by root - but how, then, I set up a ppp login
> without making the ppp user a root equivalent?
> Am I missing something obvious?
Run either ppplogin or pppd setuid root :-)
> P.S. The new nag is great, my hat is off to Olaf Kirch, but page 146 (post
> script version), "Configuring a PPP Server" obviously hasn't been proofread
> - check out the lower paragraph.
Hum... ppp has changed quickly since the nag was published, I'm afraid.
What you could do is mail an update to O. Kirsch for inclusion in future
revisions.
--
Thomas QUINOT | "Un roi sans divertissement est un
<thomas@melchior.frmug.fr.net> | homme plein de mis<69>re."
Linux - choice of a GNU generation | Jean GIONO
------------------------------
From: dror@netcom.com (Oz Dror)
Subject: Re: ? Kernel (1.1.47) ftape incompatibility
Date: Tue, 6 Sep 1994 17:47:39 GMT
Upgrading the kernel to 1.1.49, and installing the latest patches of
ftape did not solve the problem.
I think that there is a bug in the ftape kernel combination.
No system driver should be causing segmentation fault.
My guss is that it is related to DMA access.
-Oz
--
NAME Oz Dror, Los Angeles, California
SMAIL dror@netcom.com
PHONE (213) 874-7978 Fax (213) 874-7965
------------------------------
From: w1i1@ugrad.cs.ubc.ca (Eric Kwok-Wai Ng)
Subject: Re: Slackware on CD-ROM [?]
Date: 6 Sep 1994 11:19:12 -0700
>I use the infomagic cd-rom and am satisfied with it. It contains a lot more in
>addition to slackware, like the sls distribution. Plenty of stuff for you to
>play around. The thing I like about it is it is a prefect replica of slackware
>2.0 and everything I have used so far works without trouble. Sure beats
>copying to floppy and installing.
>
>Try ACC Bookstore in Connecticut at 1-800-546-7274
>
>The cost of the 2-CD set is about $20 and you pay about $5 for UPS ground.
>
>--
I also brought the infomagic cd-rom, but I didn't know how to install it from
CD-ROM, did you use slakeware 2.0 to install from CD-ROM to hard drive or
just run directly form CD-ROM, since only have a small hard-driver , I want
to run directly from CD-ROM, except for the x - windows. I had read the
readme file in disk2, and it told to just to link the directory LIVE from the
CD-ROM, but it does not mention how to do that, would you tell the methods
that you install the CD-ROM, step by step since I am just a new user of Linux
. Thank you!
>
>
------------------------------
From: vttoth@vttoth.com (Viktor T. Toth)
Crossposted-To: comp.os.linux.development,comp.os.linux.help,comp.os.linux.misc
Subject: Re: WARNING about shadow-mk package
Date: Tue, 6 Sep 1994 12:31:08
In article <im14u2c.778835074@cegt201> im14u2c@cegt201.bradley.edu (Joe Zbiciak) writes:
>And again: I do apologize for any inconvenience this may have caused
>anyone. The shadow-mk package is not insecure. The login.secure is
>indeed what it was titled. I do hope that this post lays to rest any
>suspicion about the shadow-mk package, its contents, and its author.
>I also apologize to Mohan Kokal for not realizing that such a small piece
>of code would cause such a large number of people to label him as a
>cheap-and-dirty cracker.
I have been reading this thread with great interest; first, I became (as did
many others) concerned about the possibility that code was distributed with
ill intent (even though I am not presently a user of the shadow-mk package);
later, I was simply curious as to the resolution of this.
Let me just say something LOUD AND CLEAR: I do *NOT* believe that you have any
reason to apologize to anyone. There was a sad misunderstanding here; with the
ever-present threat of viruses, trojan horses, and what not, people have a
good reason to be concerned; but all YOU did was provide the result of your
labors for all of us to use and enjoy, for which the least that you deserve is
our thanks. There is absolutely no reason for you to feel guilty when you have
contributed good code to the public domain.
I do not believe that the original poster has any reason to feel guilty
either. He did the right thing; posted a warning to all of us when there was
reason to believe that code with ill-intent was circulating and executing
regularly on our machines with root privileges. Unfortunately, no matter how
tactful you are, this is something that's very difficult to do without
implicating the author of the code in question.
So anyways, all I meant to say (since it appears nobody else said it) is that
you should both be thanked by the rest of us.
Viktor
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: Linux-Admin-Request@NEWS-DIGESTS.MIT.EDU
You can send mail to the entire list (and comp.os.linux.admin) via:
Internet: Linux-Admin@NEWS-DIGESTS.MIT.EDU
Linux may be obtained via one of these FTP sites:
nic.funet.fi pub/OS/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Admin Digest
******************************
Reference in New Issue View Git Blame Copy Permalink