Date:      Sun, 15 Nov 1998 09:58:22 -0800 (PST)
From:      Matthew Dillon <dillon@apollo.backplane.com>
To:        Andre Albsmeier <andre.albsmeier@mchp.siemens.de>
Cc:        hackers@FreeBSD.ORG, freebsd-security@FreeBSD.ORG
Subject:   Re: Would this make FreeBSD more secure?
Message-ID:  <199811151758.JAA15108@apollo.backplane.com>
References:   <19981115161548.A23869@internal>


:Hi,
:
:while installing xlockmore, I noticed that its mode is 4111 for root.
:...
:
:Wouldn't it be generally a good idea to make the /etc/spwd.db and
:the /etc/master.passwd file 640 and give them to a newly created
:
:root@voyager:~>ll /usr/X11R6/bin/xlock 
:---x--s--x  1 root  pw  - 126976 Oct  1 08:17 /usr/X11R6/bin/xlock*
:
:What do you think? Will it make my systems more insecure with the
:above stuff or not? If not, wouldn't it make sense to incorporate
:the changes into FreeBSD? IMHO they break nothing since all programs
:...
:
:	-Andre

    I think this is an excellent idea.  A similar method is used for
    the 'operator' group, to allow the dumper to dump disks without
    giving him write access to them.

    Another thing that would be nice would be to give certain user IDs
    the ability to listen on low-numbered sockets without giving the rest
    of the users that ability.

    Without going to full-blown capabilities, and adding a sysctl to turn
    it on, I think we could reserve some gid_t values to mean certain
    things.  For example, a user in group 0x80000001 would be allowed
    to bind to low-numbered ports.  A user in group 0x80000002 would be
    allowed to chown files away in mode 01000 directories (allowing a
    mode 01740 directory to be controlled by a non-root program, but
    accessible by users, aka /var/mail).  And so on.

    Immediate uses that I can see:

	* bind		(has a user run mode, but then can't rebind on ifc
			changes)
	* sendmail	(currently run under user with special hacks only)
	* popper	(run as root)
	* imapd		(run as root)
	* xterm		(suid root for utmp access)

					    -Matt

    Matthew Dillon  Engineering, HiWay Technologies, Inc. & BEST Internet 
                    Communications & God knows what else.
    <dillon@backplane.com> (Please include original email in any response)    
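The scheme discussed in this message (shadow password files mode 640, owned by root and a dedicated group, with the reader made setgid to that group instead of setuid root) only reduces exposure if the setgid program gives the group up as soon as it has opened the file it needs. The program below is an added example, not code from this thread, from xlockmore or from FreeBSD; it shows that pattern in C. The path /etc/spwd.db comes from the thread; the function names and the verification step (trying to regain the old group after dropping it) are this example's own.

```c
/* Added example (not from the mailing-list thread): the least-privilege
 * pattern a setgid-'pw' program should follow when /etc/spwd.db is
 * mode 640 root:pw.  Open the protected file while the effective gid
 * is still the privileged group, then drop that group permanently
 * (real, effective and saved gid) before doing anything else. */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Permanently give up a setgid group.  setregid(real, real) also
 * rewrites the saved set-group-ID on FreeBSD and Linux, which a plain
 * setgid() from an unprivileged process does not do on Linux.
 * Returns 0 only if the drop is verified to be irreversible. */
int drop_setgid_group(void)
{
    gid_t real = getgid();
    gid_t eff  = getegid();

    if (setregid(real, real) != 0)
        return -1;
    /* Verify: if we held a different group, regaining it must now fail. */
    if (eff != real && setegid(eff) == 0)
        return -1;              /* saved gid survived: drop is incomplete */
    if (getegid() != real)
        return -1;
    return 0;
}

/* Open 'path' read-only while still holding the privileged group, then
 * drop the group before returning.  Returns the descriptor, or -1 with
 * errno set.  If the drop fails the descriptor is closed and -1 is
 * returned: the program must never continue with the group still held. */
int open_then_drop(const char *path)
{
    int fd = open(path, O_RDONLY);  /* uses the setgid group, e.g. 'pw' */
    int saved_errno = errno;

    if (drop_setgid_group() != 0) {
        if (fd >= 0)
            close(fd);
        errno = EPERM;
        return -1;
    }
    if (fd < 0)
        errno = saved_errno;
    return fd;
}

int main(void)
{
    /* A setgid-'pw' xlock would open the shadow password database here. */
    int fd = open_then_drop("/etc/spwd.db");

    if (fd < 0) {
        fprintf(stderr, "open failed: %s\n", strerror(errno));
        return 1;
    }
    printf("file opened; now running with egid %ld == rgid %ld\n",
           (long)getegid(), (long)getgid());
    close(fd);
    return 0;
}
```

Run it as an ordinary user with the binary owned by root:pw and mode 2111 (or 2755) and it opens the database and immediately drops back to the caller's group; if it is run without the setgid bit, the drop is a no-op and the open fails with EACCES, which is the behaviour the 640 mode is meant to enforce.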
