Date: Thu, 12 Jul 2001 16:43:07 -0300 (ART) From: Fernando Gleiser <fgleiser@cactus.fi.uba.ar> To: "Portwood, Jason" <JPortwood@strategicit.net> Cc: "'security@FreeBSD.ORG'" <security@FreeBSD.ORG> Subject: RE: FreeBSD 4.3 local root PREVENTIONS Message-ID: <20010712163504.E20419-100000@cactus.fi.uba.ar> In-Reply-To: <6381A6A8826BD31199500090279CAFBA2BD50E@exchange.strategicit.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 12 Jul 2001, Portwood, Jason wrote: > > > > > > So simple things like going into all the folders and chmod'n > > things is a very good idea for a lil extra security. > > > > along with copying /bin/sh to /tmp/ > > and chmod 0 /tmp/sh > > > > Wouldn't it be a better practice to just mount all the partitions that don't > need suid as nosuid? Just off the top of my head those candidates would > be Yes, it is a better practice, but in this case it doesn't help. The suid binary you are exec(2)ing is in /bin. bash-2.03$ mount | grep tmp /dev/ad2s2 on /tmp (ufs, local, nosuid) ^^^^^^ bash-2.03$ ./a.out vvfreebsd. Written by Georgi Guninski shall jump to bfbffe72 child=996 login: # done # id uid=0(root) gid=1001(fgleiser) groups=1001(fgleiser) Fer > > /tmp > /home > /var > > Is there a good reason for not doing this? > > Jason Portwood > jason@iac.net > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010712163504.E20419-100000>