Date: Mon, 16 Jun 1997 23:05:39 +0200 From: j@uriah.heep.sax.de (J Wunsch) To: hackers@FreeBSD.ORG Subject: Re: (Fwd) Re: Serious potential IMAP problem Message-ID: <19970616230539.ZT15015@uriah.heep.sax.de> In-Reply-To: <199706161925.MAA11250@train.tgci.com>; from Riley J. McIntire on Jun 16, 1997 12:25:30 %2B0000 References: <199706161925.MAA11250@train.tgci.com>
next in thread | previous in thread | raw e-mail | index | archive | help
As Riley J. McIntire wrote: > Normally I just lurk on the hackers list, but at the risk of being > flamed, thought this might generate some interest here as a possible > enhancement to FreeBSD. This is probably highly inflammable material. :) I will restrict the number of my followups. > > In good operating systems, there is a non-root state which equates to being > > "not logged in"; it issue an unprivileged system call to log in with > > authentication credentials in the call. The kernel validates the > > authentication credentials and sets the process's user id on success. > > I concur with this analysis. I think this guy is simply looking through his NT view onto the world, nothing else. In NT, you gotta ``log in'' first in order to do anything. In Unix, you run a process with your credentials, and you don't need to be logged in (e.g. cron can run it on your behalf). Providing a such a metauser/-state would IMHO be just _the_ target for hacking then, since you can afterwards assume any UID, including root -- since if this state can be used to login a user, it must be able to obtain Superuser privileges (in order to log in the Superuser). Presumably, after authenticating him, but if some cracker gets a similar process that doesn't authenticate, he got root. The ``good operating system'' with its method has already been proven that the requirement to always log in first also has its problems... There are rumours that when you use their telnetd, the console user suddenly switches to the identity of the telnetting user. :-O -- cheers, J"org joerg_wunsch@uriah.heep.sax.de -- http://www.sax.de/~joerg/ -- NIC: JW11-RIPE Never trust an operating system you don't have sources for. ;-)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19970616230539.ZT15015>