Date: Wed, 4 Oct 2000 02:27:58 -0700 (PDT) From: Dima Dorfman <dima@unixfreak.org> To: Kris Kennaway <kris@FreeBSD.org> Cc: Alfred Perlstein <bright@wintelcom.net>, Kris Kennaway <kris@FreeBSD.ORG>, Dima Dorfman <dima@unixfreak.org>, Mike Silbersack <silby@silby.com>, security@FreeBSD.ORG Subject: Re: BSD chpass (fwd) Message-ID: <20001004092758.335931F0A@static.unixfreak.org> In-Reply-To: <20001004021948.A76230@freefall.freebsd.org> from Kris Kennaway at "Oct 4, 2000 02:19:48 am"
next in thread | previous in thread | raw e-mail | index | archive | help
> On Wed, Oct 04, 2000 at 02:16:59AM -0700, Alfred Perlstein wrote: > > * Kris Kennaway <kris@FreeBSD.ORG> [001004 02:15] wrote: > > > On Wed, Oct 04, 2000 at 02:14:26AM -0700, Kris Kennaway wrote: > > > > On Tue, Oct 03, 2000 at 10:34:22PM -0700, Dima Dorfman wrote: > > > > > > For those not subscribed to bugtraq, it's time to remove the suid bit on > > > > > > chpass. > > > > > > > > > > Unfortunatly it isn't that easy if you're running with securelevel > 0 > > > > > since chpass is installed with the schg (system immutable) flag on by > > > > > default. Oh well, guess it's time to reboot some hosts. :-/ > > > > > > > > mv it into a mode 000 directory :-) > > > > > > Oops, can't do that. Reboot :) > > > > Can you mount something over it? > > Hmm, now that null mounts work in -current you could, actually - make a > copy of /usr/bin except for chpass in say /usr/bin2 and null mount > it Actually, I think you can do it without null mounts. mv /usr/bin /usr/bin2, chmod 000 /usr/bin2, then remake /usr/bin (without chpass, of course). > on /usr/bin. Except securelevel disallows mounts, I think :) In securelevel >= 2, you can't open a disk for writing unless you're mount(2). I don't know much about null mounts, so I don't know if that will prevent them from working. -- Dima Dorfman <dima@unixfreak.org> Finger dima@unixfreak.org for my public PGP key. "War doesn't determine who's right, it determines who's left." -- Confuscious To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001004092758.335931F0A>