On Fri, 15 Nov 2002 18:26:11 +0000, Glyn Kennington <[EMAIL PROTECTED]> wrote:
>Pigeon wrote: >> >And the `not an octal number' error suggest broken permissions somewhere. >> It does, doesn't it? That was Microsoft's fault for their LF/CR line >> break standard. In order to get my Linux box to boot again I had to >> manually copy in the files from >> dists/slink/main/disks-i386/2.1.11.1-1999.09.08/base2_1.tgz. Because I >> couldn't run tar & gzip, I had to unpack it with WinZip on my Windoze >> box. This resulted in every text file having LF/CR line breaks in, >> including /root/.profile, the source of this particular error. > >I was under the impression that tar and gzip (for DOS/Windows) were included >on the CD. (At least, this was true of potato, maybe not for slink.) So it >should be possible to extract the files straight to Unix linebreak format, >rather than munging it to the DOS one. I haven't got the Woody .iso's to >hand, so I can't check if they've got the necessary tools. The slink single CD has gzip for DOS but not tar. Since a .tar.gz is simply a gzipped .tar, and WinZip doesn't (as far as I can tell) inspect the files at all until it has unzipped it and reached the stage of extracting the tar, this doesn't help. I suppose I could have burst the tar by hand with Norton Utilities, but I'd rather not... The point is that WinZip is broken. An archiver shouldn't modify the files it's [un]archiving. But I didn't realise until it was too late. So even if the slink CD had had tar for DOS, I wouldn't have installed/used it, as I thought that the app I already had installed would work. >However, it's possible that su is vulnerable to a buffer overflow or similar >here. My understanding of your description is that, when presented with an >encrypted password it can't understand, it lets the user in automatically. >This is probably not a security hole in itself (an attacker would need to >have a user's account already, and be able to reliably overwrite sections of >a root-owned file with garbage), but potentially worrying nonetheless. I've grabbed the slink su source - from a very brief look (2 mins) the su code itself looks OK but may possibly rely on some library code which isn't. But that is only a vague impression from a casual glance. A more thorough investigation is on my "to do" list. >> To fix it, I simply >> copied /etc/passwd to /etc/shadow. It works now. Cool! Thanks. > >Hmm, sounds like you haven't enabled shadow passwords. That's on my "to do" list as well. Good job I hadn't done it yet! -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
