Re: Linux login security approaches

Steffen *Console* Ullrich (steffen@edition-digital.com)
Tue, 8 Dec 1998 22:06:22 +0100


Assume that a normal user logs in, then exec's his own login program which does nothing except
look like a real login (e.g. login: prompt) but instead of letting you log in it simply saves the
password you put in into a user's file. Note that this trojan horse has only the privileges of the
user who started it so it can't do the real login for you. But once it has the password it can
simply exec into the real login (which is suid) which will prompt you again so that you assume
that you made a typo the first time and don't care any longer.

> <long letter about protecting against a trojaned login snipped>

> You have a fundamental flaw in your assumptions, since you don't take into
> account the fact that unless the security of the system is very badly
> messed up already, if a user is able to substitute his own program for
> the normal login/getty, he can also exchange his programs for whatever
> else you add to give better "security".

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/