Cover V09, I08
New Messages


I received a few more letters in regard to Didier Racheneur’s article on SUID programs. We responded to the main points of objection in the July issue, so I won’t cover those again. However, one reader pointed us to an interesting related item. See the following:

From: Magnus Bodin <magnus@bodin.org>
Subject: “Setting Root SUIDed Programs at Work — Build a Backdoor”

http://sendmail.net/?feed=000607linuxbug
A serious bug has been discovered in the Linux kernel that can be used by local users to gain root access. The problem, a vulnerability in the Linux kernel capability model, exists in kernel versions up to and including version 2.2.15. According to Alan Cox, a key member of the Linux developer community, “It will affect programs that drop setuid state and rely on losing saved setuid, even those that check that the setuid call succeeded.”

/magnus

We appreciate all your letters. Keep writing! —AA
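The failure mode in the quoted report is a setuid() call that returns success while the saved set-user-ID is still root. The following C program is an added example, not code from the letter or the linked report: it shows a privilege drop that checks the resulting IDs instead of trusting the return value. The function names are hypothetical, getresuid() assumes Linux with glibc, and only user IDs are handled (a real program would drop supplementary groups and the group ID first).

```c
#define _GNU_SOURCE             /* exposes getresuid() in <unistd.h> */
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Return 0 only if the real, effective AND saved uid all equal `target`
 * and, for a non-root target, root cannot be regained afterwards. */
int verify_uid_dropped(uid_t target)
{
    uid_t ruid, euid, suid;

    if (getresuid(&ruid, &euid, &suid) != 0)
        return -1;

    /* A setuid() that "succeeded" but left the saved uid at 0 fails here. */
    if (ruid != target || euid != target || suid != target)
        return -1;

    /* Second check: an unprivileged process must not be able to go back. */
    if (target != 0 && (seteuid(0) == 0 || geteuid() == 0))
        return -1;

    return 0;
}

/* Permanently switch to `target`; fail closed if the drop did not stick. */
int drop_privileges(uid_t target)
{
    if (setuid(target) != 0)
        return -1;
    return verify_uid_dropped(target);
}

int main(void)
{
    /* In a set-uid-root program, getuid() is the invoking user's uid. */
    if (drop_privileges(getuid()) != 0) {
        fprintf(stderr, "privilege drop could not be verified, aborting\n");
        return 1;
    }
    printf("running as uid %ld with no saved root uid\n", (long)getuid());
    return 0;
}
```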

Hello Amber,
I have to compliment you for what an excellent magazine Sys Admin is. I am a regular reader of the magazine, especially in regard to Elizabeth Zinkann’s “Books: A User’s Report” column.

I would like to offer a suggestion for her column, which I’m also forwarding to her. I think it would be very helpful if a top ten book selection for specific topic areas was included on a monthly basis. This would be an extremely useful reference for myself, and I’m sure many others when we are looking for high-quality books in our day to day jobs.

Again, thank you for producing such a useful magazine.

Sincerely,
David Carlson

Thanks for the compliment. We’re planning to post a Top Ten Books List on the Web site soon. —AA

Subject: Sys Admin Feedback
From: Hans Drexler <drexler@geotax.nl>

I read the article on BSD systems administration on your Web site. I think the author, Michael Lucas, wrote an excellent article. The article uncovers the inner workings of the BSD booting process in a very understandable way. Still, it has much more in-depth covering of the subject than most other articles.

I was not even aware of the existence of your magazine previously. But keep publishing articles like this, with actual content in it, and you will have my undivided attention.

Thanks,
Hans Drexler

Thank you. Note that another article from Michael Lucas will appear next month in the September issue, entitled: FreeBSD’s sysctl Interface. I hope you’ll enjoy it also. —AA

Dear Sys Admin,
I just read and loved the article “Building a Jumpstart Server for Solaris”, by Peter van der Weerd in the Sys Admin May 2000 magazine. Since I am somewhat new to jumpstart on Solaris, I hope you can clarify something for me. On page 12 of the article, when editing the host_class file and explaining what it will do, Van der Weerd says it will load an entire distribution with the line cluster SUNWCuser. I believe it should be cluster SUNWCall and that was an error on someone’s part. Could you let me know if I am right or wrong on this point? Thank you very much.

Sincerely,
Nick Patetta njp@spiff.att.com

Nick,
Oops ... you’re absolutely right!

SUNWCuser is enduser distribution
SUNWCall is entire distribution

Sorry about that.
Peter