Return to BSD News archive
Path: sserve!manuel!munnari.oz.au!uunet!usc!news From: merlin@neuro.usc.edu (merlin) Newsgroups: comp.unix.bsd Subject: 386bsd security enhancements are needed before using INTERNET! Date: 25 Jul 1992 22:34:44 -0700 Organization: University of Southern California, Los Angeles, CA Lines: 35 Sender: merlin@neuro.usc.edu (merlin) Message-ID: <l74ebkINN1sd@neuro.usc.edu> NNTP-Posting-Host: neuro.usc.edu I'm going to suggest someone with a very good knowledge of 4.3BSD UNIX security should go through and make a list of the most obvious security problems and fixes which should be applied to 386BSD-0.1. This listing should be probably forwarded to ljolitz@cardio.ucsf.edu to ensure it is incorporated into the next release. I understand the system is not intended to be secure. However, it seems to me obviously easy to fix areas of security concern should be repaired before the next distribution. Certainly anyone installing this software on a network connected machine should use vipw to edit the four accounts at the end of /etc/passwd out of the system. Everyone should also enter passwords (using 'passwd <userid>') for root, toor, and any other userid with an empty password. Without these changes, the 386bsd systems could be very easily identified and exploited by even the most inexperienced network hacker -- putting an unmodified 386bsd system on a network would compromise security of systems previously protected by 'firewall' and/or other security mechanisms which rely on the integrity of local machines. It might also be helpfull to provide a precompiled tar file containing a copy of each of the binaries necessary to install crypt in tar format on an anonymous ftp node somwhere on INTERNET. The tar/cpio archive should automatically replace the appropriate executables when untarred/uncpio'd. The README should be very clear about logging into root, untarring this file, and immediately changing the root password using 'passwd <userid>'. As far as use of 'crypt' for password authentication -- i have been told by our local legal people that this is a permitted exception to the well known prohibition against unlicensed export of cryptographic codes. The fact of the matter is that the precompiled password authentication codes present absolutely no risk to national security. Indeed, I believe that the apparently lawfull circulation the the cryptoanalytic codes cracking passwords certainly present far more risk than a password authentication archived for domestic and international distribution. AJ