Hi James,

James Sparenberg wrote:
> yes but in order to change su the cracker would have to compromise root
> as well. 

Agreed.

> meaning two passwords compromised not one.  (users have read
> access to su but not write)

agreed also

> So I still agree with Todd better to have
> two locks than one on the door.
> James

agreed, in my case:

$ ssh np850 -l now3d -t "/bin/su -l root"
now3d@np850's password:
Password:
[root@np850 root]#

First door lock as you and Todd say is still there, but the point I was 
making was that the "su" for root would be executed in the user's shell 
env, bash etc. If this was polluted or if someone had modified the 
.bashrc it would be executed before the "su" command was, and could log 
the stdin/stdout/stderr etc.

So it's one less thing that could happen. If the passwd is still safe and 
just the home dir compromised you can then fix the problem without 
running a load of user scripts that mess up the situation more.


Specifying the path to the "su" binary is another way to avoid the 
polluted shell problem.


This IS the best way to log in. Most of the time you will probably be ok 
with normal execution of "su" from a shell, but what about the one time 
when someone created an open NFS/SMB share of your home dir? etc etc

Do you follow my point?

Better to be safer than sorry.

JG


> On Mon, 2002-10-07 at 12:29, J. Grant wrote:
> 
>>Hi Todd, James
>>
>>if only user accounts have been compromised
>>
>>.bashrc .tscshrc .profile etc could be changed to something else, then 
>>su would not be the real su.
>>
>>if possible logging in directly as root is the best option, less chance 
>>of a compromised user account meaning root is compromised as well.
>>
>>ssh host -l jg -t "/bin/su -l root"
>>
>>this means that the user's shell is not used, /bin/sh is
>>
>>this uses /bin/sh which does not load .bashrc etc etc
>>
>>LD_PRELOAD is ignored as well due to sh being suid root
>>
>>JG
>>
>>Todd Lyons wrote:
>>
>>>J. Grant wrote on Sun, Oct 06, 2002 at 08:07:32PM +0100 :
>>>
>>>
>>>>theoretically not, if someone has got a fake binary for your shell as a
>>>>normal user, he/she can then log you getting root. best way is to get
>>>>the ssh client to execute the login command as root and go in directly.
>>>>(thus bypassing the binaries that could have been compromised)
>>>
>>>
>>>If the user installed fake binaries (especially the shell), then they
>>>already have root on your machine.
>>>
>>>Blue skies...                        Todd
>>
>>
>>----
>>
> 
> 
>>Want to buy your Pack or Services from MandrakeSoft? 
>>Go to http://www.mandrakestore.com
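As an added example (not part of the original thread), here is a POSIX shell check for the startup-file pollution J. Grant describes: it lists entries in a home directory's rc files that would shadow a bare `su` or change how it is resolved. The watched command list, the rc file list and the function names `scan` and `audit_rc` are assumptions chosen for this illustration.

```shell
#!/bin/sh
# Added example: report shell startup-file entries that would run, or be
# resolved, ahead of a bare "su" typed in that user's interactive shell.
# WATCHED and RC_FILES are assumptions made for this illustration.
WATCHED='su|sudo|ssh|passwd'
RC_FILES='.bashrc .bash_profile .bash_login .profile .tcshrc .cshrc .login'

# scan FILE LABEL REGEX: print "name:LABEL:lineno:text" for non-comment matches
scan() {
    grep -nE -- "$3" "$1" 2>/dev/null |
        grep -vE '^[0-9]+:[[:space:]]*#' |
        sed "s|^|$(basename "$1"):$2:|"
}

# audit_rc HOME_DIR: print one line per finding; no output means no match.
# usage: audit_rc /home/now3d
audit_rc() {
    for f in $RC_FILES; do
        p="$1/$f"
        [ -f "$p" ] || continue
        # alias su=... (sh/bash) or alias su ... (csh/tcsh)
        scan "$p" alias "^[[:space:]]*alias[[:space:]]+($WATCHED)([=[:space:]]|\$)"
        # su() { ... }  or  function su { ... }
        scan "$p" function "^[[:space:]]*(function[[:space:]]+)?($WATCHED)[[:space:]]*(\(\)|\{)"
        # PATH whose first entry is empty, relative, or under the home directory
        scan "$p" path '(^|[^_[:alnum:]])PATH="?(\$HOME|\$[{]HOME[}]|~|\.|:)'
        # any LD_PRELOAD setting
        scan "$p" preload 'LD_PRELOAD'
    done
    return 0
}
```

No output means none of these patterns were found, not that the files are clean.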