The 'Security Digest' Archives (TM)

Archive: About | Browse | Search | Contributions | Feedback
Site: Help | Index | Search | Contact | Notices | Changes

ARCHIVE: Zardoz 'Security Digest' - Archives (1989 - 1991)
DOCUMENT: Zardoz 'Security Digest' V1 #4 1989-01-30 (1 file, 5000 bytes)
NOTICE: recognises the rights of all third-party works.


Date: Mon, 30 Jan 89 14:23:13 PST
Subject: Security Digest V1 #4

Security Digest Volume 1 Issue 4


            Sendmail again
            Re:  do not run fingerd as root
            Re: do not run fingerd as root
            mailing list directions
            Re: meta-password in 'lock'
            Re: meta-password in 'lock'
            Setuid-root check program.


Date: Fri, 27 Jan 89 14:35:03 EST
From: uunet!!page (Bob Page)
Subject: Sendmail again

Under many old versions of sendmail, the "-C file" command line option
(another test feature) did not check read permissions.  Since sendmail
runs as root it had no problem reading any file, and anyone could say
something like
        sendmail -bt -C/usr/spool/mail/user
to read user's mail.  (sendmail complains about every line in the file,
dumping them to your screen)

Current sendmail's from UCB don't allow this, but not every vendor is
running current rev sendmails.  You might check yours.  (A quick check
shows Ultrix 2.2 and Dynix 3.0.14 still have the bug, while SunOS 4.01,
DG/UX 4.01 and Stellix 1.5 don't).

The quick fix is to rip out the -C option, but it's not that much
harder to change the bad code.  The best solution is to get the
latest sendmail.


Date: Fri, 27 Jan 89 11:06:56 PST
From: uunet!ssyx.UCSC.EDU!koreth (Steven Grimm)
Subject: Re:  do not run fingerd as root

Our fingerd just checks to see that it's not reading a symbolic link.  Easy


Date: Sun, 29 Jan 89 16:18:58 +0100
From: Svante Lindahl <uunet!mcvax!!Svante.Lindahl>
Subject: Re: do not run fingerd as root

Bill Wisner <[email protected]> writes
> There's that protected file. The solution, of course, is to have fingerd
> run under a harmless UID, like nobody.

I'd call this a work-around. The solution is fixing finger so it
checks that .plan and .project are regular files. I did this at my
previous place of employment when some joker had done "ln -s /dev/tty
.plan", which had the unpleasant effect of hanging finger until you
^C:d it. Not a big bad security bug, but annoying none the less.


Date: Fri, 27 Jan 89 15:39:09 PST
From: neil (Neil Gorsuch)
Subject: mailing list directions

There are now 323 destinations for this mailing list.  Some of the
recent submissions have been sent to the wrong addresses, so here
are the official directions.

submissions:                    security
administrative requests:        security-request
emergency alerts:               security-emergency

You can choose to have normal postings sent to you as reflected mail,
or as moderated digests.  Emergency postings always get sent back out
automatically as reflected mail.  Moderated digests are sent out once
or twice a week.

Also, the system name to send it to for uucp connections is zardoz,
not is the officially registered internet name of
this system, and mail sent to from the internet should be
properly translated at our MX record holder (uunet at present) to
!zardoz!name.  Mail sent over uucp connections to !!name will
probably bounce, since the dump uucp style mailer here doesn't know
what to do with a system name of  In a week or two I will
install Sunos 4.0.1, which should fix that situation.


Date: Sat, 28 Jan 89 19:01:01 EDT
From: a.e.mossberg <uunet!!aem>
Subject: Re: meta-password in 'lock'

|>  No kidding.  The 4.1BSD [I think] `lock' had a hardcoded magic
|>  unlock password ("hasta la vista"), and ^Z would stop it as

Unfortunately, the change hasn't propagated elsewhere.  In all the version
of Ultrix I've tried (1.2,2.2,and 3.0) there is a hard-coded password
of hasta la vista.  They all ignored CTRL-Z, though.


Date: Mon, 30 Jan 89 13:27:15 PST
From: neil (Neil Gorsuch)
Subject: Re: meta-password in 'lock'

>>  No kidding.  The 4.1BSD [I think] `lock' had a hardcoded magic
>>  unlock password ("hasta la vista"), and ^Z would stop it as

However, I did find this bug in a beta Ultrix 3.0 release (it may have
been fixed though).  Apparently, some vendors aren't looking at the
source before shipping...


Date: 1 Jan 70 00:46:56 PDT (Thu)
From: ccicpg!uunet!Tynan.COM!dtynan (Dermot Tynan)
Subject: Setuid-root check program.

Well, with all the debate about setuid-root programs, I finally sat down and
wrote something to check the system and look for strangeness in the setuid
programs.  I figured that a lot of people (like me) have procrastinated
when it came to doing this, so I'm submitting this simple script which works
just fine with System V.  If it doesn't work with BSD, I'm sure it can be
easily modified.  I should really post it to the net but figured most
interest would be here.  At any rate, do with it what you want...
                                                - Der
---------------------- CUT HERE ----------------------------
echo x -
sed '/^X/s///' > << '/'
X#      @(#)        1.1     (Tynan Computers Ltd)
X#              Copyright (c) 1989, Tynan Computers Ltd.
X#      Permission is granted to use or distribute this program,
X#      provided that this copyright notice is retained, and that
X#      it is not sold for profit or commercial gain.
X# A quick program to check the filesystem and track down any errant
X# SUID-root programs.  It should be executed once a month, or more
X# frequently, depending on the administrators paranoia.  Basically,
X# the script compares the name, filesize and time of last modification
X# of every program which has the setuid bit on, and is owned by root.
X# Install this script in whatever directory you want (I use /etc), and
X# add a line to 'crontab'.  Then, to prepare an initial snapshot (or to
X# generate a new one), run the following:
X# find / -perm -4000 -user root -exec ls -lF {} \; >/usr/lib/suid.allow
X# Dermot Tynan ([email protected]) - Comments welcome...
X# Unfortunately, the big problem with these kinds of scripts, is that
X# they tend to give a false sense of security.  Just because you run
X# this script *hourly* doesn't mean that you'll catch everything.  All
X# this does, is give an added level of protection.
Xtrap "rm -f $TMPFILE; exit 0" 0 1 2 3
Xif test ! -f $ALLOW
X       touch $ALLOW                    # Generate a dummy suid.allow file
X       mail root <<EOF
XSubject: Possible Security Violation.
X       WARNING!!!  I could not find a list of authorized setuid-root
X       programs on this system.  I can only assume it was accidentally
X       deleted.  Please regenerate this file, as I have created a dummy
X       version, which will produce considerable errors.  Thank you.
X                                               - Security
Xif test ! -f $LOG
X       touch $LOG                      # Generate a new log file
Xchmod 400 $LOG $ALLOW
Xchown root $LOG $ALLOW
Xecho "Subject: Possible Security Violation.\n" >$TMPFILE
Xecho "[SUID check executed on `date`]\n\n< = OLD configuration" >>$TMPFILE
Xecho "> = NEW configuration\n----------" >>$TMPFILE
Xif find / -perm -4000 -user root -exec ls -lF {} \; | diff $ALLOW - >>$TMPFILE
X       echo "SUID check executed on `date`.  No problems found." >>$LOG
X       echo "***** SUID check failed.  Executed on `date` *****" >>$LOG
X       cat <<EOF >>$TMPFILE
X       WARNING!!!  There appears to be a change in the list of
X       programs which have setuid-root (see above).  This could
X       indicate a serious security violation.  Please check it
X       immediately.  If the change is authorized, please update
X       the list file to reflect it.  Thank you.
X                                       - Security
Xmail root <$TMPFILE
---------------------- CUT HERE ----------------------------

From [email protected] Fri Feb  3 23:03:07 1989
From: [email protected] (Lawrie Brown)
Subject: Cryptography: An Introduction to Computer Security by Sebbery & Pieprzyk
Message-Id: <[email protected]>
Date: 15 Jan 89 23:45:56 GMT
Status: OR

Apparently Prentice-Hall US, are having problems obtaining this book.
It IS OUT, and Prentice-Hall Australia have substantial stocks of it.
For details contact

The Marketing Dept.
Prentice Hall Australia
PO Box 151
Brookvale. NSW 2100


Phone:  +61 2 938 1830
Fax:    +61 2 938 6826

To help you gauge your interest in the book, appended below are the
cataloging details and the Table of Contents.

Lawrie Brown.

Library of Congress
Cataloguing-in-Publication Data
Seberry, Jennifer, 1944-
  Cryptography: an introduction to computer security/by Jennifer
  Seberry and Josef Pieprzyk.
    p.  cm
  ISBN 0-13-194986-1
  1. Computers - Access control.  2. Cryptography.
  I. Pieprzyk, Josef, 1949-  .II. Title.
QA76.9.A25S37 1988
005.8 - dc19                                            87-27026



Chapter 1.      Introduction

Chapter 2.      Background theory

                2.1  Mathematical methods
                2.2  Complexity theory
                2.3  Complexity of selected problems used in cryptology
                2.4  Information theory

Chapter 3.      Encryption methods of information protection

                3.1  Classical ciphers
                3.2  Symmetric algorithms and DES
                3.3  Asymmetric algorithms or public key cryptosystems

Chapter 4.      Authentication methods

                4.1  Elementary methods of message authentication
                4.2  Subliminal channel
                4.3  Digital signatures
                4.4  Other authentication techniques
                4.5  Summary

Chapter 5.      Cryptography in computer network security

                5.1  Information protection in computer networks
                5.2  Key management issues
                5.3  Electronic funds transfer (EFT)
                5.4  Summary

Chapter 6.      Application of cryptography in databases

                6.1  Database model
                6.2  Crytographic transformation preserving data structure
                6.3  Application of cryptography to protection of information
                     during processing
                6.4  Privacy homomorphisms
                6.5  Summary

Chapter 7.      Other cryptographic techniques

                7.1  Linear feedback shift registers
                7.2  One-way ciphers and passwords
                7.3  Smart cards and information cards
                7.4  Unforgeable ID cards using smart cards
                7.5  Summary

Chapter 8.      Security in operating systems

                8.1  Access control in computer systems
                8.2  Implementations of access control systems
                8.3  Rationale for security evaluation classes
                8.4  Summary

Chapter 9.      Minimum knowledge systems

                9.1  An introduction to the minimum knowledge concept
                9.2  More on the Fiat-Shamir smart card protocol
                9.3  Subliminal free verification using minimum knowledge
                9.4  Conclusion

Appendix A

                A.1  Frequencies of occurrences of characters in languages
                A.2  Frequencies of occurrences of pairs of letters in languages

Appendix B

                B.1  DES code
                B.2  Key representation for DES

Appendix C

                Vigenere, Beauford or Variant Beauford code