[plug] Linux security idea - maybe
Craig Ringer
craig at postnewspapers.com.au
Thu Jun 12 23:37:46 WST 2003
> Hmmm... I had not thought of that (the almost don't-care status of
> ownership) but I can see it now - as long as the right permissions for r,
> w and x are present, something could be owned by Joe Bloggs for all the
> system would care.
Not always, mind you. kernel module files must be root owned, for
example, or modutils will complain loudly and refuse to do anything. It
can be forced to, but you do have to force it. Basically, apps doing
things involving files that can have security-critical content (kernel
modules, occasional config files, etc) will check ownership and
permissions before doing anything.
> Multiple uid 0's eh? Clearly Denis needs to do more reading :-(
> Sorry, I'm a bit confused though... you mean "root" has a bogus password
> or /bin/false shell, hence you use the alternative account to log in as
> superuser?
Here's an example (DO NOT USE w/o first having a console open as root,
another root console running vi /etc/passwd, and a rescue disk handy -
just in case):
/etc/passwd
root:x:0:0:root:/root:/bin/false
realsuper:x:0:0:real superuser:/realsuper:/bin/bash
....other...users....
/etc/shadow
root:*:12165:0:99999:7:::
realsuper:MD5_PASSWORD_DELETED_FOR_SECURITY:12165:0:99999:7:::
....other....users....
Now, a login as root will always fail, and a login as "realsuper" will
succeed and give superuser rights. Occasional confusion where after
login your username sometimes appears as "root" (on created files for
example) is not unusual, but is not to be stressed about.
Works for me.
Craig Ringer
More information about the plug
mailing list