Slashdot Mirror


Local Root Vulnerability in passwd(1) on Solaris 8, 9

so-1997-and-1994 writes "There is a new vulnerability in the passwd command on Solaris 8 and 9. Looks like a local user privilege escalation is possible. Patch your systems. This is not the first nor the last time something like this has shown up."

2 of 283 comments

  1. industry best practices... by Anonymous Coward · Score: 0, Troll

    dictate NOBODY that you don't trust should ever have any shell account on any server that you give a damn about.

    If I have a client that wants shell access on any of our systems, he needs to have his own server on a separate segment that he can screw up any way he likes.

    Seal off all ports not used; put everything in "safe mode" and if lamer programmers can't work around it, it's their problem. This negates about 99% of all these exploits. It goes without saying not running any Microsoft products means I get a full 8+ hours of sleep (during the day of course).

  2. local root vuln by shird · Score: 0, Troll

    Huh? There are millions of local root vulnerabilities under *NIX, unless you can exploit this without first authenticating (e.g. entering a very long username - without actually knowing a valid one), this is no different.

    The capability and number of local root vulnerabilities under *nix makes me laugh at those who think Windows is more vulnerable to e-mail-borne viruses and trojans. Because in reality, it isn't.

    Under Windows, a trojan is less likely to gain admin status and wreck your other accounts or data, because there are so few local exploits. Under Linux etc, a trojan has hundreds of avenues of attack to gain root status and stuff up your system much worse. Share your computer with your mum, she downloads some dodgy attachment, it gains root access and wrecks your account too. doh.

    --
    I.O.U One Sig.