SCO makes C2 less obtrusive, for free! Film at 11.

Chip Salzenberg chip at tct.uucp
Thu Feb 21 04:22:58 AEST 1991


According to david at talgras.UUCP (David Hoopes):
>I hate C2.  I hate it a lot.

Then RUN, do not walk, to your nearest UUCP-capable UNIX computer, and
pick up from SCO the free support level supplement "unx257", entitled
"UNIX Security Supplement."  It actually makes C2 security endurable
until that long-awaited day when we can all "rm -rf /tcb /etc/auth"
with maniacal grins reflecting from our publicly visible monitors. :-)

Among the high points:
   any user can su(C) to any other user!
   su(C) sets the login id!
   at(C) and crontab(C) don't complain if the real and login ids don't match!
   various commands make administration-without-sysadmsh easier.

And in other cool developments unrelated to C2:
   su(C) and login(C) set the supplemental group vector,
     so you can belong to up to sixteen groups at once!
   login(C) no longer leaves the terminal database locked
     once in a while.
   su(C) preserves the umask.

Judging by one day of use, SCO really did a good job on this update.
Bravo, ladies and gentlemen, bravo.

First, here's the info on connecting to SCO's machine "sosco":

vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
UUCP Connection information:

Machine name: sosco

Phone numbers: (408) 425-3502 (2 lines, 300-9600 baud V.32 standard)
	       (408) 429-1786 (9600 baud Telebit)

Login name: uusls   (fourth character is the letter "l" rather than numeral "1")
No password
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

After setting up UUCP to sosco, pick three files using commands like
these:

    uucp sosco\!~/SLS/info       /some/local/dir/sosco-info
    uucp sosco\!~/SLS/unx257.ltr /some/local/dir/unx257.ltr
    uucp sosco\!~/SLS/unx257     /some/local/dir/unx257

The "info" file contains the connection info above, as well as
miscellaneous instructions.  The "unx257.ltr" file is the update cover
letter; it will explain the installation procedure and the features
and bug fixes you get when you install the update.  The "unx257" file
is the image of the update floppy.

BE SURE TO READ THE COVER LETTER IN ITS ENTIRETY.

For those who wonder if it's really worth the trouble -- it is! -- here
is the full feature list, excerpted from the cover letter.

vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
SLS unx257 includes the following features:

  Enhanced crash recovery, including modifications to tcbck(ADM).

  Command-line utilities, rmuser(ADM) and unretire(ADM), for removing, 
  retiring and unretiring users. 

  The utility, passwdupd(ADM), to create a user who was added to 
  /etc/passwd file manually. 

  A hushlogin feature in login(M) for suppressing copyright and other 
  messages during a login.

  A new authck(ADM) -y flag that silently corrects any errors in the 
  subsystem database.

  The utility, fixmog(ADM), to change the permissions of all files to match 
  their entries in the File Control database. 

  The utility, cps(ADM), for setting the permissions of individual files to 
  match their entries in the File Control database.

  A locking utility, ale(ADM), that enables administrators to write scripts 
  that update the Authentication database. 

  The utility, ttyupd(ADM), that updates the Terminal Control database to 
  match /etc/inittab. 

  The utility, asroot(ADM) that allows an authorized user to run a defined 
  set of commands as superuser without the root password. 

  New semantics of PASSLENGTH in /etc/default/passwd that represent the 
  absolute minimum password length to be enforced by passwd(C).

  Modifications to su(C) 

	- Instead of allowing a user to su to root only, users can su 
	  to any account if they have the account password.

	- The system can be configured to a C1 level of security so that 
	  su transitions also transfer the authorizations of the account.


  (III)  Other Improvements and Additions

  SLS unx257 also includes the following improvements and additions. 
  Note: Unless otherwise stated the problems described below are present 
  in all the software environments specified earlier.

  addxusers(ADM)

  	- Now handles a relative pathname for the name of the input file.

  	- Allows the passwords of newly added accounts to be changed if they 
  	  did not have aging information.

  authck(ADM)

	- Increased robustness to repair additional errors in the subsystem 
	  database files.

  lpadmin(ADM)

	- Creates /usr/spool/lp/admins/lp/printer/<printername> with the 
	  correct permissions of 770, owner=lp, group=lp (previous versions 
	  of lpadmin created these directories with various incorrect 
	  permissions).

	- Can now be used by a user with the lp authorization.  
	  (This problem is not present in SCO UNIX System V/386 Release 3.2 
	   Operating System Version 2.0.)

  lpfilter(ADM) & lpforms(ADM)

	- Can now be used by a user with the lp authorization.  
	  (This problem is not present in SCO UNIX System V/386 Release 3.2 
	   Operating System Version 2.0.)

  sulogin(ADM)

	- The LUID is now set under all circumstances.

	- The gid is set to root's group as specified in /etc/passwd.

  sysadmsh(ADM)

	- The useshell helper program used by sysadmsh now displays 
	  descriptive error messages.

  at(C)

	- No longer displays error messages when used from an su session.

  chmod(C)

	- Displays more accurate error messages.

	- Error checking done consistently across all combinations of 
	  command line arguments.

  crontab(C)

	- No longer displays error messages when used from an su session.

	- No longer core dumps when an account name for the -u flag is 
	  longer than 5 characters.

	- When the -u and -r flags are used to remove an account's crontab 
	  file, the cron jobs for that account are immediately stopped.  
	  (This problem is only present in SCO UNIX System V/386 Release 3.2 
	   Operating System Version 2.0.)

	- The File Control database is used to obtain the correct permissions 
	  of crontab files rather than using hardcoded values.

  login(C)

	- Does not produce the 'cannot access Terminal Control database' 
	  message when a large number of concurrent logins take place.

	- The override shell spawned in emergencies now has its LUID set.

	- All combinations of null passwords and PASSREQ work as documented.

	- Use of an invalid username is now audited as <bad>.

  passwd(C)

	- Lockfiles are no longer left behind when setting a dial-up password.

  su(C)

	- No longer makes two entries in the sulog file each time it is used.


  umask(C) preservation

	- auths(C), su(C), newgrp(C), and at(C) now use the current value 
	  of the user's umask rather than setting it to 077.

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-- 
Chip Salzenberg at Teltronics/TCT      <chip at tct.uucp>, <uunet!pdn!tct!chip>
"It's not a security hole, it's a SECURITY ABYSS." -- Christoph Splittgerber
   (with reference to the upage bug in Interactive UNIX and Everex ESIX)


