COMMAND

    npd(8)

SYSTEMS AFFECTED

    NeXT Release 1.0 and 1.0a

PROBLEM

    On  NeXT  computers  running  Release  1.0  or 1.0a that also have
    publicly  accessible  printers,  users  can gain extra permissions
    via a combination of bugs.

    Computer intruders are  able to exploit  this security problem  to
    gain access  to the  system.   Intruders, local  users and  remote
    users are able to gain root access.

SOLUTION

    NeXT computer  owners running  Release 1.0  or 1.0a  should do two
    things to  fix a  potential security  problem.   First, the binary
    /usr/lib/NextPrinter/npd  must  be  replaced  with  a  more secure
    version.   This more  secure version  of npd  is available through
    your  NeXT  support  center.   Upon  receiving  a copy of the more
    secure npd, you must  become root and install  it in place of  the
    old one in /usr/lib/NextPrinter/npd.  The new npd binary needs  to
    be  installed  with  the  same  permission  bits  (6755) and owner
    (root) as the  old npd binary.   The commands to  install the  new
    npd binary are the following:

    # /bin/mv /usr/lib/NextPrinter/npd /usr/lib/NextPrinter/npd.old
    # /bin/mv newnpd /usr/lib/NextPrinter/npd
            (In the above command, "newnpd" is the npd binary
            that you obtained from your NeXT support center.)
    # /etc/chown root /usr/lib/NextPrinter/npd
    # /etc/chmod 6755 /usr/lib/NextPrinter/npd
    # /etc/chmod 440 /usr/lib/NextPrinter/npd.old

    The second half of the fix to this potential problem is to  change
    the permissions of  directories on the  system that are  currently
    owned and able to be written  by group "wheel".  The command  that
    will remove write permission for directories owned and writable by
    group "wheel" is below.  This command is all one line, and  should
    be run as root.

    # find / -group wheel ! -type l -perm -20 ! -perm -2 -ls -exec chmod
    g-w {} \; -o -fstype nfs -prune