Date: Sun, 14 Mar 1999 23:48:17 +1300 From: Andrew McNaughton <andrew@squiz.co.nz> To: Peter Jeremy <peter.jeremy@auss2.alcatel.com.au> Cc: robert+freebsd@cyrus.watson.org, freebsd-security@FreeBSD.ORG Subject: Re: ACL's Message-ID: <199903141048.XAA06895@aniwa.sky> In-Reply-To: Your message of "Sun, 14 Mar 1999 20:07:28 %2B1000." <99Mar14.195521est.40346@border.alcanet.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
Peter Jeremy <peter.jeremy@auss2.alcatel.com.au> wrote: > Robert Watson <robert@cyrus.watson.org> wrote: > >I.e., user creates a hard link to /usr/sbin/somesetuidbin to > >/usr/tmp/mytemp. > > Normal users shouldn't have write permission anywhere on a partition > containing system binaries - this also removes the problem. (Note > that /usr/tmp is accessible only by root under FreeBSD). There's some sense in that. It's worthy of note then that this is not how a FreeBSD default install is set up. Perhaps it should be? Andrew McNaughton -- ----------- Andrew McNaughton andrew@squiz.co.nz http://www.newsroom.co.nz/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199903141048.XAA06895>