Author: Preston St. Pierre
This week, advisories were released for sendmail, tcpdump, kernel, samba,
mailreader, courier, abiword, subversion, php, sox, Pavuk, phpMyAdmin,
postgresql, XFree86, webmin, mod_ssl and wv. The distributors include
SCO Group, Conectiva, Debian, Fedora, Gentoo, Mandrake, Red Hat,
Slackware, Suse and Trustix.

Using Sudo
Sudo is a mechanism for providing root privileges to an ordinary user.
If you absolutely positively need to allow someone (hopefully very
trusted) to have superuser access to your machine, there are a few
tools that can help. Sudo allows users to use their password to access
a limited set of commands as root. Sudo keeps a log of all successful
and unsuccessful sudo attempts, allowing you to track down who used
what command to do what. For this reason sudo works well even in places
where a number of people have root access but use sudo so that the
changes made can be tracked.
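
The log described above can be turned into a per-user record of what was run and what was refused. This is an added example, not part of the original tip: it parses entries in the syslog format sudo writes and groups them by invoking user. The log lines, host name and user names are constructed for illustration.

```python
import re

# Constructed sample lines in the syslog format sudo writes (not from a real host).
SAMPLE_LOG = """\
Jul 29 10:15:02 web1 sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/sbin/service httpd restart
Jul 29 10:16:11 web1 sudo:      bob : user NOT in sudoers ; TTY=pts/1 ; PWD=/home/bob ; USER=root ; COMMAND=/bin/sh
Jul 29 10:20:45 web1 sudo:    carol : 3 incorrect password attempts ; TTY=pts/2 ; PWD=/tmp ; USER=root ; COMMAND=/usr/sbin/useradd dave
Jul 29 10:31:09 web1 sudo:    alice : TTY=pts/0 ; PWD=/etc ; USER=root ; COMMAND=/usr/sbin/useradd erin
Jul 29 10:32:00 web1 sshd[812]: Accepted password for alice from 192.0.2.10 port 4022
"""

LINE_RE = re.compile(
    r"^\w{3}\s+\d+ [\d:]{8} \S+ sudo(?:\[\d+\])?:\s+(?P<invoker>\S+) : (?P<rest>.*)$"
)

def parse_sudo_line(line):
    """Return a dict for a sudo log line, or None for any other line."""
    m = LINE_RE.match(line)
    if not m:
        return None
    # COMMAND= is the last field and may itself contain " ; ", so split it off first.
    head, found, command = m.group("rest").partition("COMMAND=")
    if not found:
        return None
    entry = {"invoker": m.group("invoker"), "command": command, "denied": None}
    for part in (p.strip() for p in head.split(" ; ")):
        key, eq, value = part.partition("=")
        if eq and key.isupper():
            entry[key] = value          # TTY, PWD, USER (the target account)
        elif part:
            entry["denied"] = part      # free-text reason, e.g. "user NOT in sudoers"
    return entry

def summarize(log_text):
    """Group sudo activity per invoking user: commands run and attempts refused."""
    report = {}
    for line in log_text.splitlines():
        entry = parse_sudo_line(line)
        if entry is None:
            continue                    # not a sudo entry
        user = report.setdefault(entry["invoker"], {"ran": [], "refused": []})
        if entry["denied"]:
            user["refused"].append((entry["denied"], entry["command"]))
        else:
            user["ran"].append(entry["command"])
    return report
```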
Although sudo can be used to give specific users specific privileges
for specific tasks, it does have several shortcomings. It should be
used only for a limited set of tasks, like restarting a server, or
adding new users. Any program that offers a shell escape will
give the user root access. This includes most editors, for
example. Also, a program as innocuous as /bin/cat can be used to
overwrite files, which could allow root to be exploited. Consider sudo
as a means for accountability, and don’t expect it to replace the root
user and still be secure.
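
A sudoers file can be reviewed for the rules this paragraph warns about. This is an added example, not part of the original tip: it flags entries that grant every command, a shell, or a program with a shell escape. The sudoers entries are constructed, the program lists are assumptions, and the `NOEXEC` tag and `sudoedit` are sudo features the tip does not mention.

```python
import os
import re

# Constructed sudoers entries (simplified: no aliases or line continuations).
SAMPLE_SUDOERS = """\
alice  ALL = (root) /sbin/service httpd restart
bob    ALL = (root) /usr/bin/vi /etc/httpd/conf/httpd.conf
carol  ALL = (root) sudoedit /etc/httpd/conf/httpd.conf
dave   ALL = (root) NOEXEC: /usr/bin/less /var/log/messages
erin   ALL = (ALL) ALL
frank  ALL = (root) /usr/sbin/useradd, /bin/bash
"""

# Assumed, non-exhaustive lists; extend them for the programs on your systems.
SHELL_ESCAPE = {"vi", "vim", "emacs", "nano", "less", "more", "man"}
SHELLS = {"sh", "bash", "csh", "tcsh", "ksh", "zsh"}
TAG_RE = re.compile(r"([A-Z_]+):\s*")

def audit_sudoers(text):
    """Return (user, kind, command) for each rule that grants more than it names."""
    findings = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if "=" not in line or line.startswith("Defaults") or "_Alias" in line:
            continue
        who, spec = line.split("=", 1)
        user = who.split()[0]
        spec = re.sub(r"^\s*\([^)]*\)\s*", "", spec)  # drop the (runas) part
        noexec = False  # tags carry over to later commands on the same line
        for cmd in (c.strip() for c in spec.split(",")):
            m = TAG_RE.match(cmd)
            while m:  # strip leading tags such as NOPASSWD: or NOEXEC:
                if m.group(1) in ("NOEXEC", "EXEC"):
                    noexec = m.group(1) == "NOEXEC"
                cmd = cmd[m.end():]
                m = TAG_RE.match(cmd)
            if not cmd:
                continue
            name = os.path.basename(cmd.split()[0])
            if cmd == "ALL":
                findings.append((user, "unrestricted", cmd))
            elif name in SHELLS:
                findings.append((user, "shell", cmd))
            elif name in SHELL_ESCAPE and not noexec:
                findings.append((user, "shell-escape", cmd))
    return findings
```

On the sample, the rules for alice, carol and dave pass: a fixed command, an edit through `sudoedit`, and a pager restricted with `NOEXEC`.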
To do almost any administrative function in Linux one requires root
(privileged) access. Unfortunately the built-in mechanisms that can be
used to grant this type of access are relatively weak. The primary tool
is “su”, which lets you run a shell as another user; unfortunately you
need the other user’s password, so everyone you want to grant root
access to will have the password and unrestricted access. A slightly more
fine-grained tool is the setuid or setgid bit: if this is set on a
file, then the file runs as the user or group that owns it (typically
root). Managing file permissions, and ensuring there are no bugs in the
program that can be used to gain full root access, is difficult at best.
Security Tip Written by Dave Wreski (dave@guardiandigital.com)
Additional tips are available at the following URL:
http://www.linuxsecurity.com/tips/
-----
LinuxSecurity Feature Extras:

Security Expert Dave Wreski Discusses Open Source Security – Dave Wreski, CEO of
Guardian Digital, Inc. and respected author of various hardened
security and Linux publications, talks about how Guardian Digital is
changing the face of IT security today. Guardian Digital is perhaps
best known for their hardened Linux solution EnGarde Secure Linux,
touted as the premier secure, open-source platform for its
comprehensive array of general purpose services, such as web, FTP,
email, DNS, IDS, routing, VPN, firewalling, and much more.

Catching up with Wietse Venema, creator of Postfix and TCP
Wrapper – Duane Dunston speaks at
length with Wietse Venema on his current research projects at the
Thomas J. Watson Research Center, including his forensics efforts
with The Coroner’s Toolkit. Wietse Venema is best known for the
software TCP Wrapper, which is still widely used today and is
included with almost all Unix systems. Wietse is also the
author of the Postfix mail system and the co-author of the very cool
suite of utilities called The Coroner’s Toolkit or “TCT”.

Linux Advisory Watch is a comprehensive newsletter that outlines the security
vulnerabilities that have been announced throughout the week. It
includes pointers to updated packages and descriptions of each
vulnerability.

| Distribution | Date | Package | Advisory | Description |
|---|---|---|---|---|
| SCO Group | 7/29/2004 | sendmail | Multiple vulnerabilities | This patch addresses one Denial of Service vulnerability and one other |
| SCO Group | 7/29/2004 | tcpdump | Multiple vulnerabilities | This patch addresses three separate vulnerabilities of tcpdump. |
| Conectiva | 7/29/2004 | kernel | Multiple vulnerabilities | This patch fixes five separate kernel vulnerabilities. |
| Conectiva | 7/30/2004 | samba | Buffer overflow vulnerabilities | Exploitation of these vulnerabilities could lead to execution of |
| Debian | 7/23/2004 | libapache-mod-ssl | Multiple vulnerabilities | This patch resolves a buffer overflow and a format string |
| Debian | 7/23/2004 | mailreader | Directory traversal vulnerability | A directory traversal vulnerability was discovered in mailreader |
| Debian | 7/23/2004 | courier | Cross Site Scripting vulnerability | An attacker could cause web script to be executed within the security |
| Debian | 7/29/2004 | libapache-mod-ssl | Multiple vulnerabilities | This patch fixes a buffer overflow and a format string vulnerability in |
| Fedora | 7/23/2004 | abiword | Undefined security fix | 2.0.5 + wv security backport |
| Fedora | 7/23/2004 | subversion | Information leak vulnerability | Vulnerability allows reading of part of a repository when a user can |
| Fedora | 7/23/2004 | php | Multiple vulnerabilities | This patch resolves two different php vulnerabilities, one of which |
| Fedora | 7/29/2004 | sox | Buffer overflow vulnerabilities | Exploiting this, an attacker could embed arbitrary code in a malicious |
| Gentoo | 7/29/2004 | Subversion | Permission escape vulnerability | Users with write access to parts of a Subversion repository may bypass |
| Gentoo | 7/29/2004 | Pavuk | Buffer overflow vulnerability | Pavuk contains a bug that can allow an attacker to run arbitrary code. |
| Gentoo | 7/30/2004 | samba | Buffer overflow vulnerabilities | Two buffer overflow vulnerabilities were found in Samba, potentially |
| Gentoo | 7/30/2004 | phpMyAdmin | Multiple vulnerabilities | Multiple vulnerabilities in phpMyAdmin may allow a remote attacker with |
| Gentoo | 7/30/2004 | SoX | Buffer overflow vulnerabilities | By enticing a user to play or convert a specially crafted WAV file an |
| Mandrake | 7/23/2004 | samba | Buffer overflow vulnerabilities | This patch fixes two separate exploitable buffer overruns in samba. |
| Mandrake | 7/29/2004 | postgresql | Buffer overflow vulnerability | A buffer overflow has been discovered in the ODBC driver of PostgreSQL. |
| Mandrake | 7/29/2004 | XFree86 | Improper open port vulnerability | XDM in XFree86 opens a chooserFd TCP socket even when |
| Mandrake | 7/29/2004 | webmin | Multiple vulnerabilities | This patch addresses an information leak and a method that allows brute |
| Mandrake | 7/29/2004 | mod_ssl | Insecure log access | Ralf S. Engelschall found a remaining risky call to ssl_log while |
| Mandrake | 7/29/2004 | sox | Buffer overflow vulnerabilities | Ulf Harnhammar discovered two buffer overflows in SoX. They occur when |
| Mandrake | 7/30/2004 | wv | Buffer overflow vulnerability | iDefense discovered a buffer overflow vulnerability in the wv package |
| Mandrake | 7/30/2004 | OpenOffice.org | Multiple vulnerabilities | These updated packages contain fixes to libneon to correct the several |
| Red Hat | 7/29/2004 | samba | Buffer overflow vulnerability | The Samba team discovered a buffer overflow in the code used to support |
| Red Hat | 7/30/2004 | sox | Buffer overflow vulnerabilities | A malicious WAV file could cause arbitrary code to be executed when the |
| Red Hat | 7/30/2004 | ipsec-tools | Key verification vulnerability | When configured to use X.509 certificates to authenticate remote hosts, |
| Slackware | 7/29/2004 | samba | Buffer overflow vulnerabilities | This fixes two buffer overflows in SAMBA. There are two sections to |
| Slackware | 7/29/2004 | mod_ssl | Format string vulnerability | A format string vulnerability in mod_proxy hook functions could allow |
| Suse | 7/23/2004 | samba | Buffer overflow vulnerabilities | This patch resolves two buffer overflows, both of which could be used |
| Trustix | 7/29/2004 | apache,mod_php4,samba | Multiple vulnerabilities | This patch fixes a variety of vulnerabilities affecting apache, |