Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!munnari.OZ.AU!news.ecn.uoknor.edu!news.ysu.edu!usenet.ins.cwru.edu!magnus.acs.ohio-state.edu!math.ohio-state.edu!howland.reston.ans.net!newsfeed.internetmci.com!in2.uu.net!picard.chickasaw.com!picard.chickasaw.com!smcmahon From: Shawn McMahon <smcmahon@chickasaw.com> Newsgroups: comp.unix.bsd.bsdi.misc Subject: BSDI security Date: Mon, 5 Aug 1996 09:43:24 -0500 Organization: Chickasaw Nation Net Lines: 16 Message-ID: <Pine.BSI.3.94.960805093815.17110A-100000@picard.chickasaw.com> NNTP-Posting-Host: picard.chickasaw.com Mime-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII To: bsdi-users@bsdi.com Does anyone know of a way that a person could su himself to root on a BSDI system, without having his name in the "wheel" group? Whether with or without knowledge of the root password, is there a way? And, is there a defense? On the system in question, no terminals are marked "secure" except the console entries. It's unlikely that the root password got out, although it is of course possible. Shawn McMahon | Smokesignals Computer Company Senior System Operator | Southern Oklahoma's Internet Service Provider Chickasaw Nation Net | 405 332-0033 http://www.chickasaw.com