- What does Trust mean in Unix?
  - It means that once a user is logged into a machine, every other machine on the network will extend whatever level of trust has been extended to that user.
  - This means a user can hop from machine to machine, gaining whatever level of trust each machine and account has.
- What are the implications?
  - If a Linux machine is used as a gateway between two networks (i.e. a public and a private one), then someone who breaks into that gateway can gain access to the private network.
  - If remote logins are allowed, then someone who breaks into a machine that has that remote access can gain access to the machine granting the access.
  - If a computer masquerades as a trusted machine, a user on that machine can get access.
  - If not properly set up, remote logins can grant "trusted user" status to someone who should not have it.
- Where is this usually encountered?
  - If a Linux machine is used as a gateway between two networks (i.e. a public and a private one), then someone who breaks into that gateway can gain access to the private network.
  - Using remote logins and remote shell executions.
    - The problem: improperly set up hosts.equiv and .rhosts files.
      - Prime example: use of "+" for machine or account.
      - Solution: Don't use hosts.equiv, and monitor .rhosts files (perhaps with a crontab job).
    - Once access is granted, there is no authentication.
      - Solution: Use secure shell.
  - Using NFS
    - One problem: allowing widespread access with improperly set permissions.
      - Solution: Limit access in /etc/exports.
    - Another problem: no authentication to ensure that the user is really the right user.
      - Solution: Use NIS to authenticate users.
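
The advice above to avoid hosts.equiv and monitor .rhosts files from a crontab job could be implemented along these lines. This is an added example, not part of the original presentation; the function names, the install path in the comment and the constructed fixture are assumptions.

```shell
#!/bin/sh
# Added example: report rsh/rlogin trust files and any "+" wildcard entries.
# Possible crontab line (install path is an assumption):
#   0 * * * * /usr/local/sbin/audit_trust.sh /etc/hosts.equiv /etc/passwd

# Print "wildcard FILE:LINE: entry" for each active line whose host or
# user field is a bare "+" (trust any host / any user).
find_wildcards() {
    awk 'NF == 0 || $1 ~ /^#/ { next }   # skip blank lines and comments
         $1 == "+" || $2 == "+" { printf "wildcard %s:%d: %s\n", FILENAME, FNR, $0 }' "$1"
}

# Check one trust file: note that it exists, then list its wildcards.
check_file() {
    if [ -f "$1" ] && [ -r "$1" ]; then
        echo "present $1"
        find_wildcards "$1"
    fi
}

# Audit the system-wide file ($1) and ~/.rhosts for every home directory
# in a passwd-format file ($2). Output is empty when nothing is found.
audit_trust() {
    check_file "${1:-/etc/hosts.equiv}"
    cut -d: -f6 "${2:-/etc/passwd}" | sort -u | while read -r home; do
        if [ -n "$home" ]; then check_file "$home/.rhosts"; fi
    done
}

# Constructed fixture: two accounts, one with a wildcard .rhosts.
make_fixture() {
    d=$(mktemp -d)
    mkdir -p "$d/home/alice" "$d/home/bob"
    printf 'alice:x:1000:1000::%s/home/alice:/bin/sh\nbob:x:1001:1001::%s/home/bob:/bin/sh\n' "$d" "$d" > "$d/passwd"
    printf '# constructed sample\nbuildhost alice\n+ +\n' > "$d/home/alice/.rhosts"
    printf 'trusted.example.org\n' > "$d/hosts.equiv"
    echo "$d"
}

# Run the audit only when paths are given on the command line.
if [ "$#" -gt 0 ]; then audit_trust "$@"; fi
```

Run it as root so every home directory is readable; cron mails any output, so an empty report means no trust files were found.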