ftp.nice.ch/peanuts/GeneralData/Usenet/news/1991/CSN-91.tar.gz#/comp-sys-next/1991/Jun/Security-rules-on-NeXT



Date: Sun 30-Jun-1991 16:52:43
From: youki@newmars.ics.osaka-u.ac.jp (Youki Kadobayashi)
Subject: Security rules on NeXT

When I login from NeXT's console, I can su on that machine. However,
if I login from other machines via rlogin, I can't su, like this:

----------------------------------------------------------------
youki@icsnext1$ rlogin icssparc
Last login: Sun Jun 30 21:36:42 from icssnake
SunOS Release 4.1.1 (GENERIC_SMALL) #1: Fri Oct 12 17:09:11 PDT 1990
youki@icssparc$ rlogin icsnext1
Last login: Mon Jul 1 01:23:17 from icssnake
youki@icsnext1$ su
You do not have permission to su root
----------------------------------------------------------------

/etc/ttys on icsnext1 is not modified as of installation:

....
ttyp0 none network
ttyp1 none network
ttyp2 none network
ttyp3 none network
....

I modified some NetInfo configuration:

youki@icsnext1$ niutil -read / /
trusted_networks: 133.1.12
youki@icsnext1$ nidump passwd . | grep root
^ was 1

I'd like to know explicit rules which can explain why this occurs.

Date: Sun 01-Jul-1991 11:51:47
From: youki@newmars.ics.osaka-u.ac.jp (Youki Kadobayashi)
Subject: Re: Security rules on NeXT

In response to my previous message

me> When I login from NeXT's console, I can su on that machine. However,
me> if I login from other machines via rlogin, I can't su, like this:

I got several e-mail like this:

> Only members of the group wheel can su on a NeXT. You need to add yourself
> to the wheel group with the UserManager utility.

Yes I know. Or else I couldn't become su (<-- this doesn't mean root login
from login window; that is, I can su from Terminal (or xterm, etc.) session
if I try "su" command from non-rlogin session).
Of course I'm in the wheel group.

youki@icsnext1$ nidump group .

Any ideas or pointers?
Thanks in advance,

Date: Sun 01-Jul-1991 20:28:29
From: glenn@heaven.woodside.ca.us (Glenn Reid)
Subject: Re: Security rules on NeXT

Youki Kadobayashi writes
>
> In response to my previous message
>
> me> When I login from NeXT's console, I can su on that machine. However,
> me> if I login from other machines via rlogin, I can't su, like this:
>
> I got several e-mail like this:
>
> > Only members of the group wheel can su on a NeXT. You need to add yourself
> > to the wheel group with the UserManager utility.

You might check the file /etc/ttys. If you want "root" to be able to
log in on a pty (as by rlogin), you have to mark those lines as "secure"
in /etc/ttys, like this:

ttyp0 none network secure
ttyp1 none network secure
ttyp2 none network secure
ttyp3 none network secure
ttyp4 none network secure
ttyp5 none network secure
ttyp6 none network secure
ttyp7 none network secure

I hope that helps.

Date: Sun 02-Jul-1991 14:17:28
From: nerd@percival.rain.com (Michael Galassi)
Subject: Re: Security rules on NeXT

glenn@heaven.woodside.ca.us (Glenn Reid) writes:
>You might check the file /etc/ttys. If you want "root" to be able to
>log in on a pty (as by rlogin), you have to mark those lines as "secure"
>in /etc/ttys, like this:

>ttyp0 none network secure
>ttyp1 none network secure
... stuff deleted ...
>I hope that helps.

Don't anyone do this unless you know what you are doing. If you did
not know about the ttys file and the secure option you do not know
what you are doing so don't do this. This sort of 'fix' goes a long
way to reducing overall security, not a good idea at all.

-m
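
An added example, not part of any post in this thread and not NeXT's own tooling: a shell check that lists which pseudo-terminal entries in an /etc/ttys-format file carry the "secure" flag discussed above, so an administrator can see whether that change has been made. The function names, the constructed sample file, and the assumed layout (name, getty command, type, then flags, with "#" comments and pty names of the form ttyp0..ttysf) are assumptions of the example.

```shell
#!/bin/sh
# Added example: report pty entries marked "secure" in a ttys-format file.
# Assumed layout per line: name  getty-command  type  [flags...]  [# comment]

# secure_ptys FILE: print the name of every pseudo-terminal entry whose
# flag list contains "secure" (one name per line, nothing if there are none).
secure_ptys() {
    awk '
    {
        gsub(/"[^"]*"/, "QUOTED")   # a quoted getty command counts as one field
        sub(/#.*/, "")              # ignore trailing comments
        if (NF < 3) next            # blank or incomplete line
        # A pty entry: type "network" as in the thread, or an assumed
        # BSD-style pty name (ttyp0 .. ttysf).
        if ($3 != "network" && $1 !~ /^tty[pqrs][0-9a-f]$/) next
        for (i = 4; i <= NF; i++)
            if ($i == "secure") { print $1; break }
    }' "$1"
}

# write_sample FILE: write a constructed ttys file for the demonstration.
write_sample() {
    cat > "$1" <<'EOF'
# constructed sample, not taken from a real machine
console "getty std.9600" vt100 on secure
ttya    "getty std.9600" unknown off secure
ttyp0   none network
ttyp1   none network secure
ttyp2   none network            # secure appears only in this comment
ttyp3   none network off secure
EOF
}

# Demonstration on the constructed sample; on a real host pass /etc/ttys.
tmp=$(mktemp) && write_sample "$tmp" && secure_ptys "$tmp"
rm -f "$tmp"
```

Local terminal entries such as the console are ignored on purpose; only network pseudo-terminals are reported.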

These are the contents of the former NiCE NeXT User Group NeXTSTEP/OpenStep software archive, currently hosted by Marcel Waldvogel and Netfuture.ch.