ping-only account

From: Christopher L. Barnard (cbar44@tsg.cbot.com)
Date: Tue May 27 2003 - 17:00:25 EDT

• Next message: Ben Rockwood: "SC3.0 HA-Oracle Design Considerations"
• Previous message: Matthew Stier: "[SUMMARY] Using large IDE drives under Solaris 2.6"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Devil's Advocate time...

This is a moderately high security environment. Sun Servers here are
monitored by folks who do not need to know much, if anything, about
unix. Monitoring is done by remote applications and they just watch
for alerts from the applications. On most machines, the only interactive
item they do is to log on to a system and do a ping. If there is a
problem, notify an admin. These folks have a unique, non-root,
restricted shell, account.

The problem is the high turnover of our monitoring personnel and the
subsequent frequent creation and deletion of accounts. On many of the
servers, the task is to one thing: ping. On such servers, I am wondering
if anyone sees any security problems with having an account

pingtest:x:1099:10:Pinging account only:/dev/null:/usr/local/bin/pingtest.sh

where the password of pingtest is trivial if not null.

the /usr/local/bin/pingtest.sh script is root owned, mode 0555, and is in its
entirety:

---------------8<---------------
#!/bin/sh
#
### Program that does a ping.
###
echo "Please enter the name or IP address of the server you wish to ping: \c"
read ans

/usr/bin/getent hosts ${ans} > /dev/null 2>&1

if [ "x$?x" != "x0x" ]; then
  echo ""
  echo "$ans is may not be a valid name, but a ping test will be done anyway."
fi

/usr/sbin/ping -a $ans

exit 0
---------------8<---------------

and the user pingtest is in the /etc/ftpusers file.

Then all of the monitoring personnel accounts would be deleted and they
would all use this one.

Before I implement this, though, I would like to run it past the tens
of thousands of pairs of eyes on this list to find out if I have missed
anything...

+-----------------------------------------------------------------------+
| Christopher L. Barnard O When I was a boy I was told that |
| cbarnard@tsg.cbot.com / \ anybody could become president. |
| (312) 347-4901 O---O Now I'm beginning to believe it. |
| http://www.cs.uchicago.edu/~cbarnard --Clarence Darrow |
+----------PGP public key available via finger or PGP keyserver---------+
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers

• Next message: Ben Rockwood: "SC3.0 HA-Oracle Design Considerations"
• Previous message: Matthew Stier: "[SUMMARY] Using large IDE drives under Solaris 2.6"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:26:28 EDT