> Ideally the program would
> bind the radius and radacct ports, chroot, then run setuid as a unique,
> unprivileged user (like some HTTPDs),

An unprivileged user cannot read /etc/shadow to verify login passwords.

> In a related note, a vulnerability in the RADIUS protocol itself is noted,
> basically with a simple sniffer data can be collected such that a
> 'crack' style dictionary attack on the 'shared secret' (the password
> stored in the clients file) is possible.

If someone can install a "simple sniffer", root has already been
compromised, so you've got problems already.

--
John W. Temples, III  ||  Providing the first public access Internet
Gulfnet Kuwait        ||  site in the Arabian Gulf region
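
The sequence proposed in the quoted text (bind both ports, chroot, then setuid), as an added C example that is not part of the original message or of any RADIUS server's code. The port numbers 1812/1813, the jail path and uid/gid 1812 are assumptions made for illustration.

```c
#define _DEFAULT_SOURCE
#include <errno.h>
#include <grp.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Bind a UDP socket on all interfaces; returns the fd, or -1 on error. */
static int bind_udp(unsigned short port) {
    struct sockaddr_in sa;
    int fd = socket(AF_INET, SOCK_DGRAM, 0);
    if (fd < 0) return -1;
    memset(&sa, 0, sizeof sa);
    sa.sin_family = AF_INET;
    sa.sin_addr.s_addr = htonl(INADDR_ANY);
    sa.sin_port = htons(port);
    if (bind(fd, (struct sockaddr *)&sa, sizeof sa) != 0) { close(fd); return -1; }
    return fd;
}

/* chroot() needs root, so it comes before the uid change. Supplementary
 * groups and the gid go first, the uid last, then confirm root is gone. */
static int jail_and_drop(const char *jail, uid_t uid, gid_t gid) {
    if (uid == 0 || gid == 0) { errno = EINVAL; return -1; }  /* not a drop */
    if (geteuid() != 0) { errno = EPERM; return -1; }
    if (chroot(jail) != 0 || chdir("/") != 0) return -1;
    if (setgroups(0, NULL) != 0) return -1;
    if (setgid(gid) != 0 || setuid(uid) != 0) return -1;
    if (setuid(0) == 0) { errno = EPERM; return -1; }  /* root regained: refuse */
    return 0;
}

int main(void) {
    /* Assumed values: ports 1812/1813, the jail path, uid/gid 1812. */
    int auth_fd = bind_udp(1812), acct_fd = bind_udp(1813);
    if (auth_fd < 0 || acct_fd < 0) { perror("bind"); return 1; }
    if (jail_and_drop("/var/empty/radiusd", 1812, 1812) != 0) {
        perror("jail_and_drop"); return 1;
    }
    /* From here the process serves both sockets as uid 1812. It can no
     * longer open /etc/shadow, which is the limitation the reply raises. */
    printf("uid %d serving fds %d and %d\n", (int)getuid(), auth_fd, acct_fd);
    return 0;
}
```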