Re: Security risk with powermanagemnet on Solaris 2.6
lej writes to bugtraq:
>From: Lars-Erik Johansson <lej@xxxxxxxx>
>Subject: Re: Security risk with powermanagemnet on Solaris 2.6
>To: BUGTRAQ@xxxxxxxxxxxx
more text deleted
>I have another interesting aspect of Powermanager. In Solaris 2.6
>powermanager is now installed by default including the setuid program
>usr/openwin/bin/sys-suspend which can be used by any user to suspend the
>machine and turn off the power. I think this is scary...
Not so. Who is allowed to run sys-suspend (according to the man page) is
controlled by the configuration file /etc/default/sys-suspend. The default is
PERMS=console-owner
thus only the "console owner" can suspend the system. If an intruder
has physical access to the console, then yes he/she could use sys-suspend.
But then you have bigger problems imho :-) :-\
I'd agree that the default configuration should probably be
PERMS= -
or
PERMS=root
Edit by hand or a simple Titan script would fix this.
=======================================================================
Brad Powell : brad.powell@xxxxxxx
Sr. Network Security Architect
Sun Microsystems Inc.
=======================================================================
The views expressed are those of the author and may
not reflect the views of Sun Microsystems Inc.
=======================================================================
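
The check and fix discussed in the message above, as an added shell example (not part of the original post and not an actual Titan module). The function names are hypothetical, the file is assumed to hold plain KEY=value lines with `#` comments, and only the two values the message suggests (`-` and `root`) are treated as restricted.

```shell
#!/bin/sh
# Added example: audit and tighten PERMS in a sys-suspend defaults file.
# Assumption: the file uses KEY=value lines; function names are hypothetical.

# Print the effective PERMS value (last assignment wins), whitespace stripped,
# so "PERMS= -" and "PERMS=-" read the same. Prints nothing if unset/missing.
sys_suspend_perms() {
    sed -n 's/^[[:space:]]*PERMS[[:space:]]*=[[:space:]]*\(.*\)$/\1/p' "$1" 2>/dev/null |
        sed 's/[[:space:]]*$//' | tail -n 1
}

# Return 0 if PERMS is "-" or "root", 1 for anything else.
# A missing PERMS line counts as not restricted: the built-in default
# is not assumed here, so the auditor is told to look.
sys_suspend_is_restricted() {
    case "$(sys_suspend_perms "$1")" in
        -|root) return 0 ;;
        *)      return 1 ;;
    esac
}

# Set PERMS to $2 (default "-") in file $1, keeping every other line.
# Leaves a copy of the previous file in "$1.orig".
sys_suspend_restrict() {
    file=$1 want=${2:--}
    case "$want" in
        -|root) ;;
        *) echo "refusing to set PERMS=$want" >&2; return 2 ;;
    esac
    [ -f "$file" ] || { echo "missing: $file" >&2; return 2; }
    sys_suspend_is_restricted "$file" && return 0   # already tight, no change

    tmp=$(mktemp "${file}.XXXXXX") || return 2
    # Drop all existing PERMS assignments, then append the single wanted one.
    sed '/^[[:space:]]*PERMS[[:space:]]*=/d' "$file" > "$tmp"
    echo "PERMS=$want" >> "$tmp"
    # cat into place (rather than mv) so the file keeps its owner and mode.
    cp "$file" "${file}.orig" && cat "$tmp" > "$file"
    rm -f "$tmp"
    sys_suspend_is_restricted "$file"
}

# Usage (as root, path taken from the message):
#   sys_suspend_is_restricted /etc/default/sys-suspend || \
#       sys_suspend_restrict /etc/default/sys-suspend
```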