Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 24 Jul 2002 20:18:39 -0700 (PDT)
From:      Marcos Galindo <galindo@cable.net.co>
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   i386/40965: Random root access to non-root users from remote ssh shell
Message-ID:  <200207250318.g6P3Id43050317@www.freebsd.org>

next in thread | raw e-mail | index | archive | help

>Number:         40965
>Category:       i386
>Synopsis:       Random root access to non-root users from remote ssh shell
>Confidential:   no
>Severity:       critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Jul 24 20:20:03 PDT 2002
>Closed-Date:
>Last-Modified:
>Originator:     Marcos Galindo
>Release:        4.6 release
>Organization:
Isec Ltd
>Environment:
4.6-RELEASE #0: Tue Jun 11 06:14:12 GMT2002 murray@builder freebsdmall.com :/usr/src/sys/compile/GENERIC i386      
>Description:
System runs an API on Postgresql 7.2 to control a small business. Users login remotely from freebsd, linux and windows machines via ssh. Remote root login is not allowed. Randomly, however, current users, using their usual login names and passwords, find they have logged-in as root. It usually happens a couple of times a day. The system is loaded with around 25 users. Any hint to look after ? Other than that, system runs perfectly and cleanly. Sorry for the release #0, I downloaded it from your ftp site. I expect to purchase a brand new  set next month during a trip to the US. I did, however, purchase two full 4.2 releases with Greg's books a couple of years ago which I did not really get to use.  I have currently been using linux. I tried 4.2 4.4 and 4.5 releases. 4.2 did not allow me to go beyond the initial installation steps. It found a 2gb hard disk too big. With 4.4 I could not get the Xwindow to work. With 4.5, burncd decided not to go. 4.6 has been very easy to instal
 l and burncd works nicelly for the backups. Everything runs as promissed. 
>How-To-Repeat:
      
>Fix:
      
>Release-Note:
>Audit-Trail:
>Unformatted:

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200207250318.g6P3Id43050317>