------------------------------ Date: Tue, 27 Aug 91 17:36:25 EST From: Gene Spafford Subject: File 9--Spaf's Response to Reviews of _Unix Security_ Just a couple of quick comments on some of the points made in the reviews of "Practical Unix Security" in Volume #3.30. Jim Thomas noted that we were brief in our explication of the laws concerning computer intrusion. That was intended -- rather than giving inexpert legal advice, we would prefer that the readers discover the finer points through consultation with trained legal counsel. Although we got advice from some experts in the area, we didn't feel up to a formal treatment of the legal aspects related to security; we made reference to other appropriate references in the appendix, and felt it best left at that. Legal action is a serious step that should not be undertaken solely on the basis of our treatment in the book! Neil Rickert commented in his review about our recommendation not to make the mail command the login shell on an account. He states that the user would get the login shell using the shell escape (viz., doing a ~ will result in a new invocation of mail), and this is not as clear a problem. On at least one system I have used, doing a "~!/bin/sh" has given me a shell no matter what the login shell was. On some systems, escaping into the editor with "~e" then allows the user to call up a shell. On some versions (including SunOS), doing a "~:set SHELL=/bin/sh" lets me bypass the current idea of login shell. Rather than give all the what-ifs, we decided to recommend against the practice -- it is a major accountability hole, too. Neil caught an error with the statement about "su" -- we were both thinking "suid" when we proofread it, and it slipped by. Mea culpa. As for us making sound Unix scarier that it is, well, some versions of Unix are pretty scary! We tried to keep the paranoia from overcoming us, but after 500 pages of describing potential problems in all the myriad forms of Unix, it became a losing battle. Then too, to get in the proper frame of mind to do serious security work, one needs a touch of paranoia. That's probably one of the key concepts that we must not have stressed enough later in the book -- not every system is vulnerable to every problem we described. Some systems have been tightened up, and others are like Swiss cheese. Simson and I are grateful for any other comments people care to make, here or in mail. ------------------------------ End of Computer Underground Digest #3.33 ************************************ Downloaded From P-80 International Information Systems 304-744-2253