IT Baseline Protection Manual - The Information Warfare Site

Threats Catalogue Deliberate Acts Remarks
____________________________________________________________________ .........................................
T 2.15 Loss of confidentiality of sensitive data in the
UNIX system
By means of various UNIX programmes it is possible to read/extract userrelated
data held in the IT system. This also covers data which can furnish
information on the user performance profile. Therefore, attention must be paid
both to privacy protection aspects and to the risk that such information may
facilitate abuse.
Example:
With a simple program which, at certain intervals analyses the information
provided by the who command, any user can extract a precise utilisation
profile for an account. In this way it is possible, for instance, to establish the
periods of absence of the system administrator(s) in order to exploit these
absences for illicit acts. Also, it can be established which terminals are
approved for privileged access.
Other programs with similar abuse possibilities are finger or ruser.
____________________________________________________________________ .........................................
IT-Baseline Protection Manual: Oktober 2000