client schedule security question
1997-04-03 03:52:04
Hi,
the client schedule gives the possibility to define
an operating system command that is executed on
the client at a specific point in time. I played
around a bit with this option and could successfully
delete files on a client.
define schedule domain remove action=command \
object="/bin/rm -rf /dir"
I could also start the makeuser command, for instance.
I wonder if this isn't a security hole. A hacker only
has to crack ADSM's administrative password to get
access to all the clients that run the scheduler,
instead of cracking hundreds of client passwords.
If I start an administrative client session, the
password goes over the network. What can I do to
maximize ADSM security?
Regards,
Dirk Kastens _______________Dirk.Kastens AT rz.Uni-Osnabrueck DOT DE
Universitaet Osnabrueck Phone: +49/541/969-2347 (work)
Rechenzentrum Fax: +49/541/969-2470 (work)
Albrechtstr. 28 Phone: +49/541/258182 (private)
49069 Osnabrueck
Germany
|
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
- client schedule security question,
Dirk Kastens <=
|
|
|