Hi Paul, > Miguel, I've not studied your patch in detail, but if I understand the basic > idea, your patch fixes this by protecting the shared secret with the system's > file permissions: the secret then exists as a file rather than being embedded > within the executables. This, in effect, allows the sysadmin to vet code by > switching on the suid bit: code that doesn't obtain the needed escalated > privileges simply cannot read the share secret. > > If I may make a friendly amendment: you should make the binary sgid rather > than suid, specify a group (mauiclients) and have the shared secret read-only > (chmod 2440) and owned by (for example) root:mauiclients. This would prevent > a privilege escalation exploit for mauth from allowing someone to altering or > deleting the shared secret. > Thank you for your suggestions, I will study them :) > I'm not sure what mcsaDES does (DES-based hashing algorithm?), but (afaik) > DES > isn't considered secure anymore. I'm guessing this could lead to known > plain-text attacks. > Yes it is DES-based, but I think that can be changed easily.
Regards, Miguel _______________________________________________ mauiusers mailing list [email protected] http://www.supercluster.org/mailman/listinfo/mauiusers
