(Page 5 of 7)   < Prev  1 2 3 4 5 6 7  Next >

Category: Access Control » user privileges

Added 2001-10-22
by Matthias Hopf
runsuid runs a script with another user-id/group-id, when the user has the right to do so according to the configuration file. If used in the right combination with access restrictions this can ease the life of system administrators. Additionally, it can be used for running CGI-scripts as different fixed users.

NTsu 2.5
Added 2001-10-22
by The Quimeras Company, ntsu@teleline.es
NTsu is a software utility for Windows NT and is especially useful for administrators. NTsu enables interactive multiuser impersonation, multidesktop capabilitites, and self impersonation files to Windows NT. NTsu allows you to run programs in the security context of any user in your system or domain without logoff and relogon. NTsu also allows you to have simultaneously multiple desktops for differents users, and you can easily switch from one to another. With NTsu shell extensions you can define and execute self impersonated files that work like SUID Unix files. NTsu is UNICODE.

Added 2001-10-22
by Todd Miller, Todd.Miller@courtesan.com
Sudo is a utility that allows administrators to give limited access to root privileges to users, and log activity associated with the use of sudo. This allows for giving people the access they need, without the need to give full root access.

Added 2001-10-22
by Adam Mckee and Robert Davidson, acua@acua.ebbs.com.au
ACUA is a software package designed to facilitate the administration of user accounts and the enforcement of access restrictions on a Linux system. ACUA is most often used on systems that host modem pools such as ISPs, BBSs, School Dial-Ups and Business Dial-Ups. However, if you have a close look at ACUA you'll find that you don't need to have a modem pool to make use of it.

Added 2001-10-22
by Richard Puckett, rpuckett@snl.com
CHOWN.ZIP is a GUI NT equivalent to the UNIX tool. Microsoft claims that the ownership process of NTFS file objects in NT is a two-part process, requiring that the user possess the right to take ownership (granted by the original object's owner/admin), then forcing them to execute the ownership right. This is to protect object ownership from "Rogue Administrators". This two-part ownership process is undesirable for administrators, who would prefer to just "give" ownership of file/directory objects to a particular user or group. This tool was written to show that the Owner ACL of a file/directory object can be overwritten with a modified replica Securirty Descriptor and elevated use of the SeRestorePrivilege (Tested to NT SP6). Source Code included with EXE.

Added 2001-10-22
by Martin Prikryl
WinSCP can do all basic operations with files, such as copying and moving (to and from a remote computer). It also allows you to rename files and folders (on both remote and local computer), create new folders (on both remote and local computer), change access rights (only on remote computer) and change groups (only on remote computer).

Added 2001-10-22
by Matthew Donaldson
Dynamic symbolic links are symlinks that do not point to a fixed location. A normal symbolic link refers to the particular location you point it at. If you do: # ln -s tmp /mytmp then when you access /mytmp, you will be pointed at /tmp. Dynamic symlinks, on the other hand, take as the "file" to point to, a more complex specification, and may actually point to several different files, depending on the environment of who is accessing them. So, for example, you may have a symlink which points to /tmp if root is following it, or /nonroottmp if another user is following it, like this: # ln -s ///root/=tmp=nonroottmp /mytmp Now when a root process accesses /mytmp, it will be directed to /tmp, but if a non-root process does the same thing, it will go to /nonroottmp. This is done dynamically in the kernel, so that the same symlink can point to different locations simultaneously, if accessed by two different users. Some dynamic symlink types will also create the target if it is not already there. This can be useful in types such as the uid type where the name of the destination may be different for each user accessing it.

Sentinel Security Toolkit
Added 2001-10-22
by Zurk
Sentinel is a fast file scanner similar to Tripwire or Viper with built in authentication using the RIPEMD 160 bit MAC hashing function. It uses a single database similar to Tripwire, maintains file integrity using the RIPEMD algorithm and also produces secure, signed logfiles. Its main design goal is to detect intruders modifying files. It also prevents intruders with root/superuser permissions from tampering with its log files and database. Disclaimer: this is not a security toolkit. It is a single purpose file/drive scanning program. Available versions are for linux (tested on all current Slackware and RedHat releases), with Irix versions soon to be added on.

Qmail alternative checkpassword suite
Added 2001-10-22
by Frank Denis
This package contains an alternative "checkpassword" program for the Qmail POP server. Authentification is done with its own /etc/passwd-style database, in a file called "/etc/poppasswd". That file maps pop logins to the path where their mails are stored, and the real UID the server should fetch them as. Logins can be different from system ones. Passwords can differ, too. All POP accounts can run under a single UID. This is an enhanced release of my good'ol "checklocalpwd.c" file. The package contains some documentation, a script for easy installation, a program to create an initial database, and another program to easily update passwords.

Added 2001-10-22
by Brian Hill
Pseudo is a drag-and-drop application that allows you to launch other applications in the OSX Desktop as the System Administrator or 'root'.

Search Tools
Browse by category
Log Analysis, Host, Passwords, Network, File Integrity, PSTN, Forensics, Backdoors, Source Code
Passwords, Filesystem, Network, System, Compiler, Log Management, Usage Monitoring, Email
One Time Passwords, User Authentication, Password Management, Web, Server, Certificates, Tokens
Intrusion Detection
Network, Host, Web, Evasion
Access Control
Network, Firewall, user privileges, RPC, Bootup, File System, Applications, Mandatory Access Control, Server, X-Windows, ACLs, Privileges
Libraries, Applications
Libraries, Random Numbers, Traffic Encryption, Data Encryption, Cryptoanalysis, Steganography, E-mail
Network Monitoring
Policy Enforcement
Web Access, Email
System Security Management
Accounts, Console, Windows NT, Firewall, Configuration, Filesystem, Linux, Solaris, Monitoring
Network Utilities
Tunneling, Miscellaneous, Monitoring
Secure Deletion
Linux, FreeBSD, NT, Solaris
Hostile Code
Detection, Removal, Sandbox


Privacy Statement
Copyright 2010, SecurityFocus