Re: S/Key keyinit(1) authentication (lack thereof) + sudo(1)

From: Frank Tobin (ftobinat_private)
Date: Tue Sep 04 2001 - 15:06:32 PDT

    Wietse Venema, at 10:48 -0400 on Tue, 4 Sep 2001, wrote:
    
       If an operator leaves his/her terminal unattended, then a miscreant
       can plant any number of trojan horses to gain future root access.
    
    However, trojans can theoretically be avoided given the right
    user-environment setup.  They also require action to be taken by the
    victim, which increases the time it takes to execute the attack.  The
    attack I describe is not a trojan, and needs no victim action.
    
    The importance of needing user action is important, because increasing the
    length of time from the start of the attack to the finish of it increases
    the possibility of the trojan being detected by some means.
    
    -- 
    Frank Tobin		http://www.neverending.org/~ftobin/
    


