T 2.15 Loss of confidentiality of sensitive data in the UNIX system

A variety of UNIX programs make it possible to read out data that the IT system stores about its users. This includes data that can provide information on a user's activity profile. For this reason, attention must be paid both to privacy protection aspects and to the risk that such information may facilitate abuse.

Example:

With a simple program that analyses the information provided by the who command at certain intervals, any user can generate a precise utilisation profile for an account. In this way it is possible, for instance, to determine when the system administrator or administrators were absent in order to exploit their absence for unauthorised acts. The program also enables users to determine which terminals are approved for privileged access.

Other programs with similar abuse capabilities are finger and rusers.
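
To judge how exposed a given host is to this threat, an administrator can check which of these information sources are open. The following audit sketch is an added example, not part of the catalogue text. It assumes that finger and rusers are served through a classic inetd.conf (service names finger and rusersd) and that who reads a utmp-style login record file; the function names and the file paths passed in are hypothetical.

```shell
#!/bin/sh
# Added audit example. Assumptions: classic inetd.conf syntax and a
# utmp-style login record file; both paths are supplied by the caller.

# Print the name of every enabled (uncommented) finger or rusersd entry
# in an inetd.conf-style file, one per line.
exposed_services() {
    awk '
        /^[ \t]*#/ { next }            # disabled entries are commented out
        NF < 6     { next }            # not a complete service line
        {
            split($1, part, "/")       # "rusersd/2-3" -> "rusersd"
            if (part[1] == "finger" || part[1] == "rusersd") print part[1]
        }
    ' "$1"
}

# Succeed (exit 0) if every local user may read the login record file,
# which is what allows an unprivileged who to list all sessions.
world_readable() {
    [ -e "$1" ] || return 2
    [ "$(ls -ldL "$1" | cut -c8)" = "r" ]   # column 8 is the "other" read bit
}

# Constructed sample input, not taken from a real host.
sample_inetd_conf() {
    cat <<'EOF'
# constructed sample
ftp     stream  tcp      nowait  root    /usr/sbin/in.ftpd      in.ftpd
finger  stream  tcp      nowait  nobody  /usr/sbin/in.fingerd   in.fingerd
#rusersd/2-3 dgram rpc/udp wait  root    /usr/sbin/rpc.rusersd  rpc.rusersd
EOF
}

# Usage: sh audit.sh /etc/inetd.conf /var/run/utmp   (paths are assumptions)
if [ "$#" -eq 2 ]; then
    exposed_services "$1" | sed 's/^/enabled service: /'
    if world_readable "$2"; then echo "world-readable login records: $2"; fi
fi
```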