Login or Register to Ask a Question and Join Our Community


AIX

Re: User assigned to privileged group

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems AIX Re: User assigned to privileged group
# 1  
Old 04-05-2005
Re: User assigned to privileged group
Hi!

I need to know what is the risk involved if a user with UID >100 is attached to a group with gid =1 .i.e., a user is attached to a priviliged group in AIX .

Kindly let me know what security implication can arise in this case?

Early reply in this regard will be highly appreciated.
# 2  
Old 04-05-2005
if the user decides to make changes in a group-writable file and/or directory that is owned by GID 1, there is nothing you can do about it as the user is a valid member with valid rights ...

from a quick scan of my /etc/passwd files --- only root and daemon are members of the "other" group so anything that is group-writable by root with the default uid/gid is open to changes ... if root with gid 1 installs an application and the application directory stays with gid 1 and is group-writable, the gid 1 regular user can potentially remove the application without any checks ... if the application is security-related, the server is now easily compromised ...
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. UNIX for Beginners Questions & Answers

Privileged port

I have read in many articles that ports below 1024 are privileged ports. My question is if port 1024 is an privileged or a unprivileged port. Some say privileged and some unprivileged.. (1 Reply)
Discussion started by: lobsang
1 Replies

2. Red Hat

User is a Part of a Group But Group Details Do Not Show the User

Hi, In the following output you can see the the user "richard" is a member on the team/group "developers": # id richard uid=10247(richard) gid=100361(developers) groups=100361(developers),10053(testers) but in the following details of the said group (developers), the said user... (3 Replies)
Discussion started by: indiansoil
3 Replies

3. Shell Programming and Scripting

user without group

hi i have vert strange query.. can we add user in unix with out assigned it to any group i mean user which is having no default group or anything.. like this in /etc/passwd file new_user:::::::: Please help (2 Replies)
Discussion started by: aishsimplesweet
2 Replies

4. Ubuntu

Create New User with the same group nd privileges of the other user

Hi, Anyone can help me on how to duplicate privileges and group for useroradb01 to userrootdb01. I have currently using "useroradb01" and create a newly user "userrootdb01". I want both in the sames privileges and group. Please see the existing users list below; drwxr-xr-x 53 useroradb01... (0 Replies)
Discussion started by: fspalero
0 Replies

5. Shell Programming and Scripting

user and its group

Hello, is there any command which can show a particular user "xyz" is belongs to how many groups thanks (3 Replies)
Discussion started by: lookinginfo
3 Replies

6. Solaris

Non-root user access to privileged ports-Solaris 8

Please let me know how to setup a non-root user to be able to access a privileged port (<1024) on Solaris 8. I am currently running tomcat as "tomcat" user and I get the following error during to start up: SEVERE: Error initializing endpoint java.net.BindException: Permission denied<null>:443 (5 Replies)
Discussion started by: pingmeback
5 Replies

7. Shell Programming and Scripting

Find all files with group read OR group write OR user write permission

I need to find all the files that have group Read or Write permission or files that have user write permission. This is what I have so far: find . -exec ls -l {} \; | awk '/-...rw..w./ {print $1 " " $3 " " $4 " " $9}' It shows me all files where group read = true, group write = true... (5 Replies)
Discussion started by: shunter63
5 Replies

8. Solaris

what privileged accounts exist on solaris

Hi Buddys, We are using SUN-ONE LDAP and We need to define and implement a quarterly review of privileged accounts in the Unix environment.So, in the unix world, this would involve knowing what accounts are on each server, who has root access, what privileged accounts exist, who can sudo to... (0 Replies)
Discussion started by: bhupals
0 Replies

9. UNIX for Dummies Questions & Answers

user/group

Hi! Herez the scenario 1. logged in as user xxxx $ id uid=125(xxxx) gid=101(my_grp) groups=0(system),15(users),16(sysadmin),19(adm),110(appl) $ touch test $ ls -la test -rw-r--r-- 1 xxxx system 0 Mar 7 14:31 test Why is the group of the file test 'system' and not... (2 Replies)
Discussion started by: sdharmap
2 Replies

10. UNIX for Dummies Questions & Answers

User Group

I can't get a clear answer on this one... I have a Oracle user created in group 'dba' when this user touches a file the group displayed is 'sys' - why? The 'sys' group is not included in the list of secondary groups for this user. Is this standard to Oracle on Unix? (AIX) Anybody? (1 Reply)
Discussion started by: errolg
1 Replies
Login or Register to Ask a Question