Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!simtel!oleane!tank.news.pipex.net!pipex!news.maz.net!news.m-u-b.de!hamlet.m-u-b.de!toni From: toni@hamlet.m-u-b.de (Toni Mueller) Newsgroups: comp.unix.bsd.misc,comp.unix.bsd.bsdi.misc Subject: Re: Circumventing immutable file protections Followup-To: comp.unix.bsd.misc,comp.unix.bsd.bsdi.misc Date: 12 Aug 1995 19:48:46 GMT Organization: Mueller & Brandt GbR Lines: 35 Message-ID: <40j0iu$j13@hamlet.m-u-b.de> References: <DCvE8s.15A@candle.pha.pa.us> <4095br$3tj@kragar.kei.com> <409qef$t3n@Germany.EU.net> <DD4v3C.I6K@wlbr.iipo.gtegsc.com> <40h0on$5k6@park.uvsc.edu> Reply-To: support@m-u-b.de NNTP-Posting-Host: hamlet.m-u-b.de X-Newsreader: TIN [version 1.2 PL2] Xref: euryale.cc.adfa.oz.au comp.unix.bsd.misc:171 comp.unix.bsd.bsdi.misc:640 Terry Lambert (terry@cs.weber.edu) wrote on 12 Aug 1995 01:39:35 GMT: > sms@wlv.iipo.gtegsc.com (Steven M. Schultz) wrote: > > Ever change your password while / was mounted ro? Uh, me thinks > > passwd will throw a fit at not being able to change /etc/passwd > > and associated files. Hmmm, now we need a rw copy of /etc which > > is where any cracker is likely to concentrate anyways... > NIS. > The password change is on the NIS server, not on the local machine, > which allows you to cookie-cutter configurations for the local > machine (which is the point in the first place). Well, after reading what kind of loads of problems NIS has, I would rather prefer it hardcoded. If security is that important, I would probably try to make the machine non-autobootable (kernel patch ?) so that any modified /etc/rc scripts would just not get executed. If the system then goes down unexpectedly you have to reboot with your boot floppy. Of course, that floppy must not be contaminated, and it must contain a suitable kernel. Regards, -------- Toni M"uller M"uller & Brandt GbR support@m-u-b.de +49 2261 79351 Internet, Unix, networking, administration, consulting, programming Microsoft Network is prohibited from redistributing this work in any form, in whole or in part. Copyright, Toni M"uller, 1995. License to distribute this post is available to Microsoft for $1000. Posting without permission constitutes an agreement to these terms. Please send notices of violation to support@m-u-b.de and Postmaster@microsoft.com