
              NOVELL TECHNICAL INFORMATION DOCUMENT

TITLE:              Security Enhancement LOGIN.EXE 4.02
DOCUMENT ID:        TID013339
DOCUMENT REVISION:  A
DATE:               02SEP93
ALERT STATUS:       Yellow
INFORMATION TYPE:   Symptom Solution
README FOR:         SECLOG.EXE

NOVELL PRODUCT and VERSION:
NetWare 4.0

ABSTRACT:

LOGIN.EXE v4.02 eliminates a small window of exposure under NetWare 4.x where
a user's name and password may be temporarily swapped to disk when running in
a DOS environment with less than 640KB of EMS or XMS memory, or if the login
script uses a SWAP command to swap to disk instead of to memory.  (If you are
not using the external command (#), you don't need to install this update.)


DISCLAIMER
THE ORIGIN OF THIS INFORMATION MAY BE INTERNAL OR EXTERNAL TO NOVELL.  NOVELL
MAKES EVERY EFFORT WITHIN ITS MEANS TO VERIFY THIS INFORMATION.  HOWEVER, THE
INFORMATION PROVIDED IN THIS DOCUMENT IS FOR YOUR INFORMATION ONLY.  NOVELL
MAKES NO EXPLICIT OR IMPLIED CLAIMS TO THE VALIDITY OF THIS INFORMATION.


SYMPTOM

     A small window of exposure exists where a user's name and password may be
     temporarily swapped to disk when running in a DOS environment with a
     small memory configuration.  The NetWare 2.x and NetWare 3.x LOGIN
     utilities are not affected and require no enhancement.

CAUSE
     
     In NetWare 2.x and 3.x, LOGIN.EXE keeps a version of the user ID and
     password in protected domain memory so that attachment to other servers
     does not require the user to reenter the same information.  After the
     login process is complete, the memory is cleared.  This process poses no
     security threat in NetWare 2.x or 3.x.

     In NetWare 4.x, the login process contains more steps.  The LOGIN.EXE is
     larger because the added security features, such as NDS and
     authentication, have expanded the file size.  During the current NetWare
     4.x login and authentication process, portions of LOGIN.EXE may be
     temporarily swapped to extended or expanded memory or to disk in DOS
     environments with less than 640KB EMS or 640KB XMS memory configurations.
     If login is temporarily swapped to disk, it is placed in the current
     directory of the default disk, whether local or on the network.
     
     A security threat occurs if a portion of the login executable containing
     the user ID and password information is temporarily swapped to disk. 
     After login completes, a user may be able to salvage or undelete the
     temporary swap file, gaining access to read the user ID and password
     information of the logged-in network user.

SOLUTION

     Novell recommends that security conscious users implement the new
     LOGIN.EXE v4.02 for NetWare 4.0 or 4.01 environments.

     Solution Specifics:

     Note:  The new version of LOGIN.EXE will be incorporated in future
     versions of NetWare 4.x.

     Self-Extracting File Name:  SECLOG.EXE      Revision:  A

     Files Included     Size     Date       Time

     SECLOG.TXT       (This file)
     LOGIN.EXE        354859   08-25-93    11:43a

     Installation Instructions:

     1.   Flag LOGIN.EXE in your PUBLIC and LOGIN directories to Shareable and
          Read/write.  For example, at the LOGIN directory, type:

               FLAG LOGIN.EXE SRw <Enter>

     2.   Copy LOGIN.EXE from your PUBLIC and LOGIN directories to a diskette
          for backup purposes.

     3.   Copy this version (4.02) of LOGIN.EXE to your PUBLIC and LOGIN
          directories.

     4.   Flag the newly installed LOGIN.EXE in your PUBLIC and LOGIN
          directories to Shareable and Read only.  For example, at the PUBLIC
          directory, type:

               FLAG LOGIN.EXE SRo <Enter>

     After installing LOGIN.EXE 4.02, you should require all users to change
     their passwords.

     If this security enhancement is installed on a NetWare 4.0 server after
     completing the upgrade to NetWare 4.01, verify that the LOGIN.EXE is
     v4.02.  If the LOGIN.EXE is not v4.02, reinstall this enhancement.  Use
     the NDIR.EXE utility with the /ver option to verify the version
     information.  For example, at the PUBLIC directory, type:

          NDIR LOGIN /ver
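     The following DOS batch file is an added example and is not part of the
     Novell TID or of SECLOG.EXE.  It applies installation steps 1 through 4
     to both the PUBLIC and LOGIN directories and then runs the NDIR /ver
     check.  It assumes (none of this is stated in the TID) that SECLOG.EXE
     was already extracted to C:\SECLOG, that a formatted backup diskette is
     in drive A:, that the account running it has rights to modify both
     directories, and that drive letters P: and L: are free to be mapped.

```batch
@ECHO OFF
REM Added example, not from the Novell TID: installs LOGIN.EXE v4.02 into
REM SYS:PUBLIC and SYS:LOGIN following the TID's steps 1-4 for each
REM directory, then runs the NDIR /ver check the TID recommends.
REM Assumptions not stated in the TID: SECLOG.EXE was already extracted to
REM C:\SECLOG, a formatted backup diskette is in A:, the account running this
REM can modify both directories, and drive letters P: and L: are free.
IF "%1"=="ONEDIR" GOTO ONEDIR

SET NEWLOGIN=C:\SECLOG\LOGIN.EXE
IF NOT EXIST %NEWLOGIN% GOTO NOFILE

REM Map a drive letter to each target directory (NetWare MAP command).
MAP P:=SYS:PUBLIC
MAP L:=SYS:LOGIN

REM Process each directory.  The third argument names the backup copy so the
REM PUBLIC and LOGIN originals do not overwrite each other on the diskette.
CALL %0 ONEDIR P: LOGIN.PUB
CALL %0 ONEDIR L: LOGIN.LOG

MAP DEL P:
MAP DEL L:
ECHO Install finished.  Now require all users to change their passwords.
GOTO END

:NOFILE
ECHO %NEWLOGIN% not found - extract SECLOG.EXE first.
GOTO END

:ONEDIR
REM %2 = drive mapped to the target directory, %3 = backup file name on A:.
IF NOT EXIST %2\LOGIN.EXE GOTO SKIP
REM Step 1: make the existing file Shareable and Read/write so it can be replaced.
FLAG %2\LOGIN.EXE SRw
REM Step 2: back up the original before overwriting it.
COPY %2\LOGIN.EXE A:\%3
IF NOT EXIST A:\%3 GOTO NOBACKUP
REM Step 3: install the 4.02 executable.
COPY %NEWLOGIN% %2\LOGIN.EXE
REM Step 4: return the file to Shareable and Read only.
FLAG %2\LOGIN.EXE SRo
REM Verify the version string (expect v4.02); reinstall if it is anything else.
NDIR %2\LOGIN /ver
GOTO END

:SKIP
ECHO No LOGIN.EXE found on %2 - check the MAP commands.
GOTO END

:NOBACKUP
ECHO Backup of %2\LOGIN.EXE to A:\%3 failed; 4.02 was NOT installed on %2.
GOTO END

:END
```

     Run the batch file once from a workstation logged in with the necessary
     rights; each CALL processes one directory and stops before overwriting
     anything if the backup copy cannot be confirmed on the diskette.  The
     password change for all users still has to be enforced separately, as
     the TID notes.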
