From owner-freebsd-security  Sun May  5 00:50:22 1996
Return-Path: owner-security
Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id AAA11573 for security-outgoing; Sun, 5 May 1996 00:50:22 -0700 (PDT)
Received: from anna.az.com (root@anna.az.com [204.57.139.9]) by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id AAA11557 for ; Sun, 5 May 1996 00:50:20 -0700 (PDT)
Received: (from yankee@localhost) by anna.az.com (8.6.12/8.6.12) id AAA22761; Sun, 5 May 1996 00:56:03 -0700
Date: Sun, 5 May 1996 00:56:03 -0700 (PDT)
From: System Administrator
To: Brian Wang
cc: freebsd-security@freebsd.org
Subject: Re: Weird system security output
In-Reply-To:
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

I have encountered similar events without any good leads.

On Sat, 4 May 1996, Brian Wang wrote:

> After searching the mail archives, I found the following posted
> question without replies.  I'd love some replies though.
>
> > Subject: unaccounted-for mtime and ctime changes on SUID root programs
> > To: questions@FreeBSD.org (FreeBSD questions)
> > Date: Thu, 1 Feb 1996 10:36:26 -0600 (CST)
> > X-Mailer: ELM [version 2.4 PL25]
> > MIME-Version: 1.0
> > Content-Type: text/plain; charset=US-ASCII
> > Content-Transfer-Encoding: 7bit
> > Sender: owner-questions@FreeBSD.org
> > Precedence: bulk
> >
> > A few times with FreeBSD 2.0.5 and now twice with FreeBSD 2.1(CD),
> > the nightly security check has revealed SUID root programs whose
> > modification times have changed.  I have immediately put in the
> > backup tapes, pulled down the original files, and compared them.
> > Every time, they have been identical (which is something of a relief
> > to know that worms or trojan horses are not being left around), but
> > I have to wonder how this is happening, and whether it may be an
> > indication of something sinister but more subtle going on (like someone
> > changing the programs, doing their mischief, and then changing them
> > back).
>
> Just last night, I'm having the same problem described above again
> (it occurred a couple of times before).  Somehow, the date stamp gets
> altered for no reason... a compromised system?  Again, checking the binary
> file from the backup/cdrom yielded nothing.  The following is a nightly
> security check output from one of our servers.  Is there a rational
> explanation for this?  Thanks in advance for any help/answer!
>
> Date: Sat, 4 May 1996 02:00:03 -0700 (PDT)
> From: System Administrator
> Subject: aquarius security check output
>
> checking setuid files and devices:
> aquarius setuid/device diffs:
> 1c1
> < -r-xr-sr-x  1 bin  operator  65536 Nov 16 01:43:41 1995 /bin/df
> ---
> > -r-xr-sr-x  1 bin  operator  65536 May  3 02:22:47 1996 /bin/df
>
> Sincerely,
>
> Brian Wang

From owner-freebsd-security  Sun May  5 02:13:27 1996
Return-Path: owner-security
Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id CAA04670 for security-outgoing; Sun, 5 May 1996 02:13:27 -0700 (PDT)
Received: from doorstep.unety.net (root@usi-00-10.Naperville.unety.net [204.70.107.30]) by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id CAA04664 Sun, 5 May 1996 02:13:24 -0700 (PDT)
Received: from webster.unety.net (webster.unety.net [206.31.202.8]) by doorstep.unety.net (8.6.9/8.6.9) with SMTP id EAA10285; Sun, 5 May 1996 04:06:24 -0500
Received: by webster.unety.net with Microsoft Mail id <01BB3A38.BC5B4BE0@webster.unety.net>; Sun, 5 May 1996 04:10:03 -0500
Message-ID: <01BB3A38.BC5B4BE0@webster.unety.net>
From: Jim Fleming
To: "'Jordan K. Hubbard'"
Cc: "'Darren Reed'", "FreeBSD-hackers@FreeBSD.org", "'freebsd-isp@freebsd.org'", "'freebsd-security@freebsd.org'", Warner Losh, "wollman@freebsd.org"
Subject: RE: IPv8 Tutorial #1: Minimal IPv8 hack
Date: Sun, 5 May 1996 04:10:02 -0500
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

On Sunday, May 05, 1996 3:46 AM, Jordan K. Hubbard[SMTP:jkh@time.cdrom.com] wrote:
@ > Does the word "Free" in FreeBSD mostly stand for Free as in Money
@ > or freedom as in freedom of choice...???
@
@ Free as in freely available, if you were seriously looking for an
@ answer to that question.
@

Thanks...either way...

@ However, the rules of quality control stipulate that you also don't
@ take just any damn thing you're offered or pretty soon you start
@ looking more like AIX than you do like BSD.  That would be terrible,
@ and it certainly won't happen so long as the current core team is in
@ charge.
@

Hold on...I am not suggesting that IPv8 go into FreeBSD...

@ Finally, there is also a high degree of compartmentalization in the
@ FreeBSD project and, last I checked, it was not even the members of
@ this group you have to convince about IPv8 going in as a default part
@ of the system.  Garrett Wollman is in charge of networking, we've
@ grown to respect his judgement enough over the years to delegate final
@ authority over that area to him and, if he suddenly decides that IPv8
@ is god's gift to FreeBSD, you're probably a shoo-in with very little
@ debate.  If, on the other hand, he thinks otherwise then you've a
@ snowball's chance in hell of getting this into FreeBSD and there's not
@ even any point in taking your case here.
@

So, like most large companies, educational institutions, etc. there is an
"organization".  That seems natural.  This is good, that allows your group
to control the quality of their software "production".  Keep up the good
work.
@ Now, would that mean we're all hateful people who are determined to
@ keep IPv8 out of FreeBSD?  Of course not, we'd simply suggest (as
@ Warner did) that you distribute it independently, as *many other*
@ people have done with their private enhancements to FreeBSD.  I'll
@ even give you space on the various archive sites to store the diffs.
@
@ Jordan
@

Again...I do not expect IPv8 to go into FreeBSD...some people with FreeBSD
systems and the ability to modify their kernels wanted to see a quick hack
to be able to receive (not send) IPv8 packets.  I thought that was what
freebsd-hackers@freebsd.org was about.  I am sorry that I mentioned the
simple "hack" here.  Maybe I should have used freebsd-security@freebsd.org
or freebsd-isp@freebsd.org because people could use the hack to detect if
IPv8 packets are present on their LANs.  They could also use the IPv8
format to help add additional security to their systems.

Again, I do not expect IPv8 to go into FreeBSD.  I assumed that FreeBSD
users are at a level where they do not depend only on one feed.  I can not
imagine that FreeBSD users will restrict themselves to one source.  If they
are going to do that...they might as well use that N-Thing...:-)

--
Jim Fleming
UNETY Systems, Inc.
Naperville, IL
e-mail: JimFleming@unety.net

From owner-freebsd-security  Sun May  5 03:51:16 1996
Return-Path: owner-security
Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id DAA09660 for security-outgoing; Sun, 5 May 1996 03:51:16 -0700 (PDT)
Received: from lackowa.pap.waw.pl (lackowa.pap.waw.pl [194.92.35.33]) by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id DAA09654 for ; Sun, 5 May 1996 03:51:10 -0700 (PDT)
Received: from cergowa.waw.pl (cergowa [194.92.35.52]) by lackowa.pap.waw.pl (8.6.9/8.6.9) with ESMTP id MAA14444 for ; Sun, 5 May 1996 12:45:42 +0200
Received: by cergowa.waw.pl (SMI-8.6/SMI-SVR4) id MAA16372; Sun, 5 May 1996 12:45:46 +0200
From: jarekb@pap.waw.pl (Jaroslaw Bazydlo)
Message-Id: <199605051045.MAA16372@cergowa.waw.pl>
Subject: dot.cshrc and weird umask value
To: freebsd-security@freebsd.org
Date: Sun, 5 May 1996 12:45:46 +0200 (MET DST)
X-Mailer: ELM [version 2.4 PL23]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

Can anyone tell me why on FreeBSD (the same with BSD/OS) there is the umask
value 2 ????  This simply causes producing group writable files.  Imagine
the person who created a .forward file: anyone in his group can modify this
to reforward files or duplicate mails.

This is in /usr/share/skel/dot.cshrc.  I know that everyone can set a proper
value of umask but some inexperienced users do not know about it.  And even
experienced administrators believe that the distribution skeleton files are
good enough to copy them into the user directory.  Is there a reason for
this ????

J.

--
Jaroslaw Bazydlo                     POLISH PRESS AGENCY - Warsaw
email: ............... jarekb@pap.waw.pl
irc: McJARAS ......... on: #Polska #Gandalf
home-page: http://www.pap.waw.pl/~jarekb

From owner-freebsd-security  Sun May  5 04:37:11 1996
Return-Path: owner-security
Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id EAA13007 for security-outgoing; Sun, 5 May 1996 04:37:11 -0700 (PDT)
Received: from glitnir.cfar.UMD.EDU (glitnir.cfar.umd.edu [128.8.132.40]) by freefall.freebsd.org (8.7.3/8.7.3) with ESMTP id EAA13002 for ; Sun, 5 May 1996 04:37:09 -0700 (PDT)
Received: by glitnir.cfar.UMD.EDU (8.7.5/UMIACS-0.9/04-05-88) id HAA29335; Sun, 5 May 1996 07:37:00 -0400 (EDT)
Message-Id: <199605051137.HAA29335@glitnir.cfar.UMD.EDU>
To: Thomas J Balfe
cc: security@freebsd.org
Subject: Re: sendmail
In-reply-to: Your message of "Sat, 04 May 1996 16:53:49 -0000."
Date: Sun, 05 May 1996 07:37:00 -0400
From: He Who Urges Ampersands
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

On Sat, 04 May 1996 16:53:49 -0000, tbalfe@tioga.com wrote:
> I have recently compiled sendmail from cert.org.  What I want to know,
> does sendmail have to be mode 4555 to function correctly, or will it
> function correctly as mode 555?  Or even 4111?

Sendmail runs as <user> to deliver <user>'s mail.  In particular, if
.forward runs any programs, you want them to run as that user.  Otherwise
you're opening up a security hole.  So sendmail has to be able to set its
euid, which means it has to run as root.

If you run sendmail from inetd, or from /etc/rc.whatever, it'll run as
root and your machine will be able to receive mail.  If you make it setuid
root, then J. Random Program can run sendmail to send mail to someone.  If
you make sendmail mode 555, then that will break.  You can either try to
fix all of the programs that break, or you can try to come up with a
workaround (e.g., make /usr/lib/sendmail a program that simply talks to
the local host's SMTP port; or make /etc/sendmail.cf use nullclient to
forward mail to the local host, port 25, where it gets picked up by the
version of sendmail that's running as root).
As usual, if I'm wrong, I'm sure that a chorus of voices will rise up to
correct me.

--
Andrew Arensburger, Systems guy         Center for Automation Research
arensb@cfar.umd.edu                     University of Maryland
        Don't crush that dwarf, hand me the pliers.

From owner-freebsd-security  Sun May  5 06:56:30 1996
Return-Path: owner-security
Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id GAA17577 for security-outgoing; Sun, 5 May 1996 06:56:30 -0700 (PDT)
Received: from gw0.telebase.com (root@gw0.telebase.com [192.132.57.100]) by freefall.freebsd.org (8.7.3/8.7.3) with ESMTP id GAA17568 for ; Sun, 5 May 1996 06:56:27 -0700 (PDT)
Received: from wormhole.telebase.com by gw0.telebase.com id JAA01792; Sun, 5 May 1996 09:56:16 -0400 (EDT)
Received: from hovercraft.willscreek.com (root@hovercraft.willscreek.com [172.16.11.101]) by wormhole.telebase.com (8.7.1/8.6.9.1) with ESMTP id JAA15349; Sun, 5 May 1996 09:56:12 -0400 (EDT)
Received: (from bmc@localhost) by hovercraft.willscreek.com (8.7.5/8.6.9) id JAA00355; Sun, 5 May 1996 09:55:45 -0400 (EDT)
Date: Sun, 5 May 1996 09:55:45 -0400 (EDT)
Message-Id: <199605051355.JAA00355@hovercraft.willscreek.com>
From: Brian Clapper
To: "John S. Dyson"
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: Weird system security output
In-Reply-To: <107643434@toto.iv>
Sender: owner-security@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

>>>>> "John" == John S Dyson writes:

  >> I have had this happen and have rationalized it, but I'm not sure if it
  >> is a cause.  I always thought that it was because of the sup process
  >> adding new files and updating current ones.  If I'm dead wrong please
  >> correct me.
  >>

  John> There IS a bug in -stable (might have been fixed recently) that modified
  John> dates on executables can get modified during paging.  We just found a
  John> very subtle bug in pmap.c (it might be in the asm statements or in the
  John> register allocation associated with them), that appears to have been
  John> fixed when we rewrote the code.  The bug that appears to have been
  John> fixed also could have been manifested by changed modify dates.  This
  John> is a very very tough one.

FYI, we noticed the same problem on our firewall.  After a small bit of
panic, we tracked it down.  It corresponded exactly to when our system's
time was re-synchronized via NTP.  We were able to reproduce the problem
manually on both FreeBSD (2.1) and BSDI (2.0.1) systems.  John's
explanation is consistent with our experimental observations.

-----
Brian Clapper ....................... bmc@WillsCreek.COM -or- bmc@telebase.com
http://www.netaxs.com/~bmc/ ......... PGP public key available on request

Barth's Distinction: There are two types of people: those who divide
people into two types, and those who don't.

From owner-freebsd-security  Sun May  5 07:10:10 1996
Return-Path: owner-security
Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id HAA18361 for security-outgoing; Sun, 5 May 1996 07:10:10 -0700 (PDT)
Received: from zen.nash.org (nash.pr.mcs.net [204.95.47.72]) by freefall.freebsd.org (8.7.3/8.7.3) with ESMTP id HAA18356 for ; Sun, 5 May 1996 07:10:03 -0700 (PDT)
Received: (from alex@localhost) by zen.nash.org (8.7.5/8.6.12) id JAA01310; Sun, 5 May 1996 09:04:49 -0500 (CDT)
Date: Sun, 5 May 1996 09:04:49 -0500 (CDT)
Message-Id: <199605051404.JAA01310@zen.nash.org>
From: Alex Nash
To: jarekb@pap.waw.pl
Cc: freebsd-security@FreeBSD.ORG
Subject: dot.cshrc and weird umask value
Reply-to: nash@mcs.com
Sender: owner-security@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

> Can anyone tell me why on FreeBSD (the same with BSD/OS) there is the umask
> value 2 ????  This simply causes producing group writable files.  Imagine the
> person who created a .forward file: anyone in his group can modify this to
> reforward files or duplicate mails.
>
> This is in /usr/share/skel/dot.cshrc.  I know that everyone can set a proper
> value of umask but some inexperienced users do not know about it.  And even
> experienced administrators believe that the distribution skeleton files are
> good enough to copy them into the user directory.  Is there a reason for this ????

The man page for adduser(8) has a good writeup on this:

     UNIQ GROUP
       Perhaps you're missing what *can* be done with this scheme that falls
       apart with most other schemes.  With each user in his/her own group the
       user can safely run with a umask of 002 and have files created in their
       home directory and not worry about others being able to read them.

       For a shared area you create a separate uid/gid (like cvs or ncvs on
       freefall), you place each person that should be able to access this
       area into that new group.

       This model of uid/gid administration allows far greater flexibility
       than lumping users into groups and having to muck with the umask when
       working in a shared area.

       I have been using this model for almost 10 years and found that it
       works for most situations, and has never gotten in the way.
       (Rod Grimes)

Alex

From owner-freebsd-security  Sun May  5 07:44:38 1996
Return-Path: owner-security
Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id HAA20412 for security-outgoing; Sun, 5 May 1996 07:44:38 -0700 (PDT)
Received: from palmer.demon.co.uk (palmer.demon.co.uk [158.152.50.150]) by freefall.freebsd.org (8.7.3/8.7.3) with ESMTP id HAA20392 for ; Sun, 5 May 1996 07:44:29 -0700 (PDT)
Received: from palmer.demon.co.uk (localhost [127.0.0.1]) by palmer.demon.co.uk (sendmail/PALMER-1) with ESMTP id PAA07722 ; Sun, 5 May 1996 15:43:58 +0100 (BST)
To: jarekb@pap.waw.pl (Jaroslaw Bazydlo)
cc: freebsd-security@FreeBSD.ORG
From: "Gary Palmer"
Subject: Re: dot.cshrc and weird umask value
In-reply-to: Your message of "Sun, 05 May 1996 12:45:46 +0200." <199605051045.MAA16372@cergowa.waw.pl>
Date: Sun, 05 May 1996 15:43:58 +0100
Message-ID: <7720.831307438@palmer.demon.co.uk>
Sender: owner-security@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

Jaroslaw Bazydlo wrote in message ID <199605051045.MAA16372@cergowa.waw.pl>:

> Can anyone tell me why on FreeBSD (the same with BSD/OS) there is the umask
> value 2 ????  This simply causes producing group writable files.  Imagine the
> person who created a .forward file: anyone in his group can modify this to
> reforward files or duplicate mails.

My view is that sendmail/mail.local (or whatever checks ~/.forward) should
check that the user is the only person who is able to write to the file
before accepting it as a valid .forward, the same as we do for .rhosts.

Gary
--
Gary Palmer                                          FreeBSD Core Team Member
FreeBSD - Turning PC's into workstations.  See http://www.FreeBSD.ORG/ for info.
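Gary's rule, turned into an administrator-side audit in POSIX sh, as an added example that is not code from this thread, from sendmail or from mail.local: a ~/.forward is accepted only when the file and the home directory are owned by the user and writable by nobody else, which is exactly what a umask of 002 in a shared group breaks. The function names check_forward/audit_all_forwards are chosen here, and the test below constructs its own home directories under mktemp.

```shell
#!/bin/sh
# Added example: audit ~/.forward files with the same ownership/writability
# rule that is applied to ~/.rhosts.  Uses only POSIX sh and find(1) so it
# can run from a nightly /etc/security-style job on an old BSD as well.
#
# check_forward USER HOMEDIR -> 0 when HOMEDIR/.forward is absent or safe,
#                               1 when it exists but someone other than USER
#                                 could have written or replaced it.

# mode_ok PATH: true when PATH is neither group- (020) nor world- (002)
# writable.  find prints the path only if one of the -perm tests matches,
# so an empty result means the mode is acceptable.  -prune stops find from
# descending when PATH is a directory.
mode_ok() {
    [ -z "$(find "$1" -prune \( -perm -020 -o -perm -002 \) -print)" ]
}

# owned_by PATH USER: true when PATH's owner is USER (name or numeric uid).
owned_by() {
    [ -n "$(find "$1" -prune -user "$2" -print)" ]
}

check_forward() {
    user=$1
    home=$2
    fwd="$home/.forward"

    # No .forward at all: nothing to accept, nothing to worry about.
    [ -e "$fwd" ] || [ -L "$fwd" ] || return 0

    # Must be a regular file.  A symlink is rejected outright, because whoever
    # can write the link target controls the forwarding, not the user.
    if [ -L "$fwd" ] || [ ! -f "$fwd" ]; then
        echo "$user: .forward is not a regular file" >&2
        return 1
    fi

    # The file itself: owned by the user and writable only by the owner.
    if ! owned_by "$fwd" "$user" || ! mode_ok "$fwd"; then
        echo "$user: .forward is not owned by $user or is group/world writable" >&2
        return 1
    fi

    # The directory: with umask 002 and a shared group, a group-writable home
    # lets another member unlink and recreate .forward, so the directory has
    # to pass the same test as the file.
    if ! owned_by "$home" "$user" || ! mode_ok "$home"; then
        echo "$user: home directory is not owned by $user or is group/world writable" >&2
        return 1
    fi
    return 0
}

# Walk /etc/passwd (7 colon-separated fields) and report every account whose
# .forward would be rejected under the rule above.  Always exits 0 so a
# calling cron job keeps going; the findings are the lines on stderr.
audit_all_forwards() {
    while IFS=: read -r name _ _ _ _ home _; do
        [ -d "$home" ] || continue
        check_forward "$name" "$home" || :
    done < /etc/passwd
}

# Usage:  sh check_forward.sh USER HOMEDIR    (one account)
#         sh check_forward.sh --all           (every account in /etc/passwd)
case ${1:-} in
    --all) audit_all_forwards ;;
    ?*)    check_forward "$1" "${2:-}" ;;
esac
```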
From owner-freebsd-security  Sun May  5 08:16:55 1996
Return-Path: owner-security
Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id IAA22000 for security-outgoing; Sun, 5 May 1996 08:16:55 -0700 (PDT)
Received: from fslg8.fsl.noaa.gov (fslg8.fsl.noaa.gov [137.75.131.171]) by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id IAA21991 for ; Sun, 5 May 1996 08:16:50 -0700 (PDT)
Received: by fslg8.fsl.noaa.gov (5.57/Ultrix3.0-C) id AA25330; Sun, 5 May 96 15:16:36 GMT
Message-Id: <9605051516.AA25330@fslg8.fsl.noaa.gov>
Received: by emu.fsl.noaa.gov (1.40.112.3/16.2) id AA252669396; Sun, 5 May 1996 09:16:36 -0600
Date: Sun, 5 May 1996 09:16:36 -0600
From: Sean Kelly
To: jarekb@pap.waw.pl
Cc: freebsd-security@freebsd.org
In-Reply-To: <199605051045.MAA16372@cergowa.waw.pl> (jarekb@pap.waw.pl)
Subject: Re: dot.cshrc and weird umask value
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

>>>>> "Jaroslaw" == Jaroslaw Bazydlo writes:

    Jaroslaw> Can anyone tell me why on FreeBSD (the same with BSD/OS)
    Jaroslaw> there is the umask value 2 ????  This simply causes
    Jaroslaw> producing group writable files.  Imagine the person who
    Jaroslaw> created a .forward file: anyone in his group can modify
    Jaroslaw> this to reforward files or duplicate mails.

A lot of sites create a separate group entry for each user.  That is,
user jarekb is a member of group jarekb, and no one else is a member.

A separate group for each user relieves users of the worry that files
they create might be readable by other group members.  Since there are
no other group members, there's no problem.
--
Sean Kelly                          NOAA Forecast Systems Laboratory
kelly@fsl.noaa.gov                  Boulder Colorado USA
http://www-sdd.fsl.noaa.gov/~kelly/

From owner-freebsd-security  Sun May  5 09:02:49 1996
Return-Path: owner-security
Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id JAA24402 for security-outgoing; Sun, 5 May 1996 09:02:49 -0700 (PDT)
Received: from kdat.calpoly.edu (kdat.csc.calpoly.edu [129.65.54.101]) by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id JAA24396 for ; Sun, 5 May 1996 09:02:47 -0700 (PDT)
Received: (from nlawson@localhost) by kdat.calpoly.edu (8.6.12/N8) id JAA20318; Sun, 5 May 1996 09:02:40 -0700
From: Nathan Lawson
Message-Id: <199605051602.JAA20318@kdat.calpoly.edu>
Subject: Re: dot.cshrc and weird umask value
To: nash@mcs.com
Date: Sun, 5 May 1996 09:02:39 -0700 (PDT)
Cc: security@freebsd.org
In-Reply-To: <199605051404.JAA01310@zen.nash.org> from "Alex Nash" at May 5, 96 09:04:49 am
X-Mailer: ELM [version 2.4 PL23]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

> > Can anyone tell me why on FreeBSD (the same with BSD/OS) there is the umask
> > value 2 ????  This simply causes producing group writable files.  Imagine the
> > person who created a .forward file: anyone in his group can modify this to
> > reforward files or duplicate mails.
> >
> > This is in /usr/share/skel/dot.cshrc.  I know that everyone can set a proper
> > value of umask but some inexperienced users do not know about it.  And even
> > experienced administrators believe that the distribution skeleton files are
> > good enough to copy them into the user directory.  Is there a reason for this ????
>
>      UNIQ GROUP
>
>        This model of uid/gid administration allows far greater flexibility
>        than lumping users into groups and having to muck with the umask when
>        working in a shared area.
>
>        I have been using this model for almost 10 years and found that it
>        works for most situations, and has never gotten in the way.
>        (Rod Grimes)

Unfortunately, this solution does not scale well to an enterprise-wide
network as your groups file grows ever larger.  Remember it's not hashed
like the pwd.db, and that's reason enough for me to have modified adduser
to not support that scheme.

--
Nate Lawson        "There are a thousand hacking at the branches of
CPE Student         evil to one who is striking at the root."
CSL Admin                -- Henry David Thoreau, 'Walden', 1854

From owner-freebsd-security  Sun May  5 09:41:52 1996
Return-Path: owner-security
Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id JAA25953 for security-outgoing; Sun, 5 May 1996 09:41:52 -0700 (PDT)
Received: from ibp.ibp.fr (ibp.ibp.fr [132.227.60.30]) by freefall.freebsd.org (8.7.3/8.7.3) with ESMTP id JAA25942 for ; Sun, 5 May 1996 09:41:49 -0700 (PDT)
Received: from blaise.ibp.fr (blaise.ibp.fr [132.227.60.1]) by ibp.ibp.fr (8.6.12/jtpda-5.0) with ESMTP id SAA13790 ; Sun, 5 May 1996 18:41:46 +0200
Received: from (uucp@localhost) by blaise.ibp.fr (8.6.12/jtpda-5.0) with UUCP id SAA03792 ; Sun, 5 May 1996 18:41:55 +0200
Received: (from roberto@localhost) by keltia.freenix.fr (8.7.5/keltia-uucp-2.7) id OAA20467; Sun, 5 May 1996 14:29:00 +0200 (MET DST)
From: Ollivier Robert
Message-Id: <199605051229.OAA20467@keltia.freenix.fr>
Subject: Re: sendmail
To: tbalfe@tioga.com (Thomas J Balfe)
Date: Sun, 5 May 1996 14:29:00 +0200 (MET DST)
Cc: security@freebsd.org
In-Reply-To: from Thomas J Balfe at "May 4, 96 04:53:49 pm"
X-Operating-System: FreeBSD 2.2-CURRENT ctm#1948
X-Mailer: ELM [version 2.4ME+ PL16 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

It seems that Thomas J Balfe said:
> I have recently compiled sendmail from cert.org.  What I want to know,
> does sendmail have to be mode 4555 to function correctly, or will it
> function correctly as mode 555?  Or even 4111?

As for running it, 4111 is the same as 4555.  You need the setuid bit as
sendmail is switching uids during execution when a user program runs it.

--
Ollivier ROBERT -=- The daemon is FREE! -=- roberto@keltia.freenix.fr
FreeBSD keltia.freenix.fr 2.2-CURRENT #14: Tue Apr 30 21:08:35 MET DST 1996

From owner-freebsd-security  Sun May  5 10:09:47 1996
Return-Path: owner-security
Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id KAA27221 for security-outgoing; Sun, 5 May 1996 10:09:47 -0700 (PDT)
Received: from teamos2.org (teamos2.org [205.233.74.98]) by freefall.freebsd.org (8.7.3/8.7.3) with ESMTP id KAA27216 for ; Sun, 5 May 1996 10:09:44 -0700 (PDT)
Received: from localhost (james@localhost) by teamos2.org (8.7.5/8.7.3) with SMTP id NAA17636; Sun, 5 May 1996 13:09:25 -0400 (EDT)
Date: Sun, 5 May 1996 13:09:24 -0400 (EDT)
From: James FitzGibbon
To: Jaroslaw Bazydlo
cc: freebsd-security@freebsd.org
Subject: Re: dot.cshrc and weird umask value
In-Reply-To: <199605051045.MAA16372@cergowa.waw.pl>
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

On Sun, 5 May 1996, Jaroslaw Bazydlo wrote:

> This is in /usr/share/skel/dot.cshrc.  I know that everyone can set a proper
> value of umask but some inexperienced users do not know about it.  And even
> experienced administrators believe that the distribution skeleton files are
> good enough to copy them into the user directory.  Is there a reason for this ????

If you read the manpage for "adduser", you'll notice that the default
method of creating users is to give each one of them their own group,
instead of lumping them into "users", "staff", "guests", etc.  Under this
scheme, a umask of 2 is safe.
If you change this default, it's expected that you would also change the
default in /usr/share/skel.

--
j.
----------------------------------------------------------------------------
|  James FitzGibbon                                      james@teamos2.org  |
|  TeamOS/2 Online admin                          Voice/Fax : 416 410-0100  |
----------------------------------------------------------------------------

From owner-freebsd-security  Sun May  5 10:14:48 1996
Return-Path: owner-security
Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id KAA27397 for security-outgoing; Sun, 5 May 1996 10:14:48 -0700 (PDT)
Received: from teamos2.org (teamos2.org [205.233.74.98]) by freefall.freebsd.org (8.7.3/8.7.3) with ESMTP id KAA27392 for ; Sun, 5 May 1996 10:14:45 -0700 (PDT)
Received: from localhost (james@localhost) by teamos2.org (8.7.5/8.7.3) with SMTP id NAA17762; Sun, 5 May 1996 13:14:19 -0400 (EDT)
Date: Sun, 5 May 1996 13:14:18 -0400 (EDT)
From: James FitzGibbon
To: Nathan Lawson
cc: nash@mcs.com, security@FreeBSD.ORG
Subject: Re: dot.cshrc and weird umask value
In-Reply-To: <199605051602.JAA20318@kdat.calpoly.edu>
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-security@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

On Sun, 5 May 1996, Nathan Lawson wrote:

> Unfortunately, this solution does not scale well to an enterprise-wide
> network as your groups file grows ever larger.  Remember it's not hashed like
> the pwd.db, and that's reason enough for me to have modified adduser to not
> support that scheme.

I agree 100%, but there are a number of things that need to be done to
FreeBSD (or any OS) to make it perform well and be secure in an enterprise
environment.  Any good sysadmin will have a checklist to take FreeBSD from
its distributed form to an enterprise server, and this should definitely
be on it (preferably before the section where you create your users) 8-)

--
j.
----------------------------------------------------------------------------
|  James FitzGibbon                                      james@teamos2.org  |
|  TeamOS/2 Online admin                          Voice/Fax : 416 410-0100  |
----------------------------------------------------------------------------

From owner-freebsd-security  Sun May  5 16:57:36 1996
Return-Path: owner-security
Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id QAA20002 for security-outgoing; Sun, 5 May 1996 16:57:36 -0700 (PDT)
Received: from GndRsh.aac.dev.com (GndRsh.aac.dev.com [198.145.92.241]) by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id QAA19996 for ; Sun, 5 May 1996 16:57:31 -0700 (PDT)
Received: (from rgrimes@localhost) by GndRsh.aac.dev.com (8.6.12/8.6.12) id OAA02210; Sun, 5 May 1996 14:03:02 -0700
From: "Rodney W. Grimes"
Message-Id: <199605052103.OAA02210@GndRsh.aac.dev.com>
Subject: Re: dot.cshrc and weird umask value
To: nlawson@kdat.csc.calpoly.edu (Nathan Lawson)
Date: Sun, 5 May 1996 14:03:02 -0700 (PDT)
Cc: nash@mcs.com, security@freebsd.org
In-Reply-To: <199605051602.JAA20318@kdat.calpoly.edu> from Nathan Lawson at "May 5, 96 09:02:39 am"
X-Mailer: ELM [version 2.4ME+ PL11 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

> > > Can anyone tell me why on FreeBSD (the same with BSD/OS) there is the umask
> > > value 2 ????  This simply causes producing group writable files.  Imagine the
> > > person who created a .forward file: anyone in his group can modify this to
> > > reforward files or duplicate mails.
> > >
> > > This is in /usr/share/skel/dot.cshrc.  I know that everyone can set a proper
> > > value of umask but some inexperienced users do not know about it.  And even
> > > experienced administrators believe that the distribution skeleton files are
> > > good enough to copy them into the user directory.  Is there a reason for this ????
> >
> >      UNIQ GROUP
> >
> >        This model of uid/gid administration allows far greater flexibility
> >        than lumping users into groups and having to muck with the umask when
> >        working in a shared area.
> >
> >        I have been using this model for almost 10 years and found that it
> >        works for most situations, and has never gotten in the way.
> >        (Rod Grimes)
>
> Unfortunately, this solution does not scale well to an enterprise-wide
> network as your groups file grows ever larger.  Remember it's not hashed like
> the pwd.db, and that's reason enough for me to have modified adduser to not
> support that scheme.

If you're using this enterprise-wide you should be using NIS; if you're
using NIS your group file is hashed by NIS.

--
Rod Grimes                                      rgrimes@gndrsh.aac.dev.com
Accurate Automation Company                 Reliable computers for FreeBSD

From owner-freebsd-security  Sun May  5 18:04:15 1996
Return-Path: owner-security
Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id SAA23429 for security-outgoing; Sun, 5 May 1996 18:04:15 -0700 (PDT)
Received: from zen.nash.org (nash.pr.mcs.net [204.95.47.72]) by freefall.freebsd.org (8.7.3/8.7.3) with ESMTP id SAA23276 for ; Sun, 5 May 1996 18:02:46 -0700 (PDT)
Received: (from alex@localhost) by zen.nash.org (8.7.5/8.6.12) id UAA02446; Sun, 5 May 1996 20:02:22 -0500 (CDT)
Date: Sun, 5 May 1996 20:02:22 -0500 (CDT)
Message-Id: <199605060102.UAA02446@zen.nash.org>
From: Alex Nash
To: security@freebsd.org
Subject: ipfw logging in /etc/security
Reply-to: nash@mcs.com
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

I've added a couple of lines (ok, really I stole them from the setuid diff
section) to my /etc/security that show changes in ipfw denied packet
counts.  Perhaps if someone who has commit privileges thinks this is
worthwhile it could be added into the standard distribution.
[ Added lines are at end of message ] An example /etc/security mail may look like: checking setuid files and devices: checking for uids of 0: root 0 denied packets: > 5700 4 176 deny tcp from any to 163.49.131.129 137-139 I can think of one point of contention: The output is generated via diff, but I'm stripping out everything but the current values. Do we want to compare them side by side to the packet/byte counts from the previous day? On a side note, ipfw does not allow resetting of individual packet counters. Would a modification to ipfw that allowed syntax like: ipfw zero 5700 or ipfw zero deny tcp from any to 163.49.131.129 137-139 be desirable? I am willing to submit the changes if there is backing for this. Alex (This was tested under 2.1-STABLE, but I think the output of RELEASE is similar enough that it should work there too.) # show denied packets ipfw -a l | grep deny > $TMP if cmp $LOG/ipfw.today $TMP >/dev/null; then :; else echo "" echo "" echo "denied packets:" diff -b $LOG/ipfw.today $TMP | egrep "^>" mv $LOG/ipfw.today $LOG/ipfw.yesterday mv $TMP $LOG/ipfw.today fi rm -f $TMP From owner-freebsd-security Sun May 5 22:02:40 1996 Return-Path: owner-security Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id WAA08799 for security-outgoing; Sun, 5 May 1996 22:02:40 -0700 (PDT) Received: from jli (jli.portland.or.us [199.2.111.1]) by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id WAA08786 for ; Sun, 5 May 1996 22:02:34 -0700 (PDT) Received: from cumulus by jli with uucp (Smail3.1.29.1 #3) id m0uGIQh-0001bCC; Sun, 5 May 96 22:01 PDT Message-Id: To: tbalfe@tioga.com (Thomas J Balfe) Cc: security@freebsd.org Subject: Re: sendmail References: <199605051229.OAA20467@keltia.freenix.fr> In-reply-to: Your message of Sun, 05 May 1996 14:29:00 +0200. 
    <199605051229.OAA20467@keltia.freenix.fr>
Date: Sun, 05 May 1996 22:03:15 -0700
From: Bill Trost

Ollivier Robert writes:
    It seems that Thomas J Balfe said:
    > [D]oes sendmail have to be mode 4555 to function correctly, or will it
    > function correctly as mode 555? Or even 4111?

    You need the setuid bit as sendmail is switching uids during execution
    when a user program runs it.

However, if the sendmail is not doing any local delivery, then there is no
reason that it cannot be run as some other user at all times (including when
it is started up by /etc/rc or however you like to start it up). You might
even be able to do this by using something like procmail (yech) to perform
local delivery -- of course, then procmail has to be setuid root.

You might get away with making sendmail only setgid to a user capable of
writing the files in /var/mail, but that gets really strange and you still
lose deliveries to pipes.

WARNING: I have not tried this with sendmail, but have successfully run smail
non-root on a machine with no local mailboxes.

From owner-freebsd-security Sun May 5 23:00:07 1996
Message-ID: <318D9544.529B@hyundai.net>
Date: Mon, 06 May 1996 14:59:32 +0900
From: jwshin
To: security@freebsd.org
Cc: jwshin@hyundai.net
Subject: (no subject)

subscribe security

From owner-freebsd-security Mon May 6 09:46:20 1996
From: Ollivier Robert
Message-Id: <199605060644.IAA23833@keltia.freenix.fr>
Subject: Re: sendmail
To: trost@cloud.rain.com (Bill Trost)
Date: Mon, 6 May 1996 08:44:11 +0200 (MET DST)
Cc: tbalfe@tioga.com, security@freebsd.org
In-Reply-To: from Bill Trost at "May 5, 96 10:03:15 pm"

It seems that Bill Trost said:
> However, if the sendmail is not doing any local delivery, then

Sendmail never does local delivery itself. It always passes the mail to
mail.local or procmail...

> You might get away with making sendmail only setgid to a user
> capable of writing the files in /var/mail, but that gets really
> strange and you still lose deliveries to pipes.
Won't make a difference. Sendmail in CURRENT is already not setgid anymore, as
the method of getting the load avg is now sysctl(3).

> WARNING: I have not tried this with sendmail, but have successfully
> run smail non-root on a machine with no local mailboxes.

Smail does local delivery itself if I remember well (I've switched to
sendmail since 8.2...).

-- 
Ollivier ROBERT -=- The daemon is FREE! -=- roberto@keltia.freenix.fr
FreeBSD keltia.freenix.fr 2.2-CURRENT #14: Tue Apr 30 21:08:35 MET DST 1996

From owner-freebsd-security Mon May 6 12:18:23 1996
Message-Id: <199605061918.MAA00413@orodruin.orthanc.com>
From: Lyndon Nerenberg VE7TCP
To: Ollivier Robert
Cc: trost@cloud.rain.com (Bill Trost), tbalfe@tioga.com, security@FreeBSD.ORG
Subject: Re: sendmail
In-reply-to: Your message of "Mon, 06 May 1996 08:44:11 +0200."
    <199605060644.IAA23833@keltia.freenix.fr>
Date: Mon, 06 May 1996 12:18:10 -0700

> Smail does local delivery itself if I remember well (I've switched to
> sendmail since 8.2...).

No, under 4.4BSD derived systems it uses /usr/libexec/mail.local.
(Well, it should. Direct delivery doesn't work otherwise.)

--lyndon

From owner-freebsd-security Mon May 6 13:56:18 1996
Date: Mon, 6 May 96 22:55 MET DST
From: torstenb@solar.tlk.com (Torsten Blum)
To: roberto@keltia.freenix.fr
Cc: freebsd-security@freebsd.org
Subject: Re: sendmail

Oliver wrote:
> Smail does local delivery itself if I remember well (I've switched to
> sendmail since 8.2...).

smail does the local delivery by default, but you can configure smail to use
procmail or mail.local instead. The smail port installs example config files
which use mail.local...
-tb

From owner-freebsd-security Mon May 6 22:42:28 1996
From: Ollivier Robert
Message-Id: <199605062156.XAA28249@keltia.freenix.fr>
Subject: Re: sendmail
To: lyndon@orthanc.com (Lyndon Nerenberg VE7TCP)
Date: Mon, 6 May 1996 23:56:58 +0200 (MET DST)
Cc: trost@cloud.rain.com, tbalfe@tioga.com, security@FreeBSD.ORG
In-Reply-To: <199605061918.MAA00413@orodruin.orthanc.com> from Lyndon Nerenberg VE7TCP at "May 6, 96 12:18:10 pm"

It seems that Lyndon Nerenberg VE7TCP said:
> No, under 4.4BSD derived systems it uses /usr/libexec/mail.local. (Well,
> it should. Direct delivery doesn't work otherwise.)

Thanks to all for the clarification. I've not used Smail since 386BSD 0.1 or
FreeBSD 1.0, so my memory is not very fresh... :-)

I still hate its way of dealing with UUCP-only systems... Give me sendmail's
mailertable without the damned "!" any day.

-- 
Ollivier ROBERT -=- The daemon is FREE!
-=- roberto@keltia.freenix.fr
FreeBSD keltia.freenix.fr 2.2-CURRENT #14: Tue Apr 30 21:08:35 MET DST 1996

From owner-freebsd-security Tue May 7 13:00:36 1996
Message-Id: <9605072000.AA12542@fslg8.fsl.noaa.gov>
Date: Tue, 7 May 1996 14:00:30 -0600
From: Sean Kelly
To: brian@mail.vividnet.com
Cc: freebsd-security@freebsd.org
In-Reply-To: (message from Brian Wang on Sat, 4 May 1996 12:07:21 -0700 (PDT))
Subject: Re: Weird system security output

>>>>> "Brian" == Brian Wang writes:

    Brian> Somehow, the date stamp gets altered for no reason...a
    Brian> compromised system? Again, checking the binary file from
    Brian> the backup/cdrom yielded nothing.

Neat. It's never happened to me, but I don't have that many users and I know
'em all pretty well (I think).

Try turning on process accounting. In /etc/sysconfig, change the line

    accounting=NO

to

    accounting=YES

I don't think the warning in the file that says it doesn't work is warranted.
I've run with accounting on since 2.0 and have had no unexplained problems or
spontaneous reboots.

Then, reboot. Or, better yet, just start accounting immediately:

    accton /var/account/acct

The next time your daily security check shows a file time difference, check
the change time of the file in question and see if you can match it up with a
specific command run by a specific user by running lastcomm.
-- 
Sean Kelly
NOAA Forecast Systems Laboratory        kelly@fsl.noaa.gov
Boulder Colorado USA                    http://www-sdd.fsl.noaa.gov/~kelly/

From owner-freebsd-security Sat May 11 12:00:56 1996
From: Marc Binderberger
Message-Id: <199605111900.VAA02490@sniff.franken.de>
Subject: Re: NFS
To: jmb@freefall.freebsd.org (Jonathan M. Bresler)
Date: Sat, 11 May 1996 21:00:00 +0200 (MET DST)
Cc: freebsd-security@freebsd.org
In-Reply-To: <199605102143.OAA27441@freefall.freebsd.org> from "Jonathan M. Bresler" at May 10, 96 02:43:37 pm

Hello,

Jonathan M. Bresler wrote:
> going towards root (cd ..) is my guess as to what he means by
> "going down the tree from that directory" (envision a directory
> tree with root at the bottom, where a tree's roots are ;)

Never understood why computer scientists use the term "tree" upside down. Why
don't you start painting at the bottom of the paper? :-)

Serious:

> the users on the machine that mounts the nfs exported directory
> cannot cd .. *on my filesystem* from the exported directory.
> (eg if i export /home/jmb/Papers/usenix from my machine to
> yours, you will not be able to access /home/jmb/Papers)

Really? As far as I remember the filehandle can be spoofed to access every
file on the partition, not only files located in the exported part. Every
client can do so with the appropriate patches.
But I've never tried this with a FreeBSD box. For HPUX, Ultrix and OSF/1 it
works. The only problem was to "guess" the inode of the "real root", because
Ultrix and OSF/1 are doing some kind of fsirand when formatting the disk.
HPUX is too trivial to be true, and in most cases inode "2" was the root of
the partition's filesystem. :-(

To be _really_ sure there's no one who can steal some information, better
export the whole partition - it's closer to reality.

Regards,
Marc

-- 
Marc Binderberger                          97076 Wuerzburg, Germany
marc@sniff.franken.de                      Powered by FreeBSD ;-)
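Alex Nash's /etc/security addition earlier in this digest prints only today's line for each ipfw deny rule whose counters changed, and asks whether a side-by-side comparison with the previous day's packet counts would be more useful. The script below is an added example written for this archive page; it is not code from any of the posters or from the FreeBSD /etc/security of the time. It computes per-rule deltas between two saved snapshots of `ipfw -a l | grep deny`. The snapshot contents are constructed sample data, the column layout (rule number, packet count, byte count, rule text) is assumed from the single sample line in the message, and the function name ipfw_deltas is hypothetical. Beyond the plain diff in the post, it handles the two cases a diff reports confusingly: a rule that did not exist yesterday, and a counter that went backwards because the counters were zeroed by a reboot or `ipfw zero`, which with a raw diff looks like just another changed line.

```shell
#!/bin/sh
# Added example: side-by-side deltas of ipfw "deny" packet counters between
# two snapshots of `ipfw -a l | grep deny`, as a companion to the
# /etc/security check posted above. Not the original code; the sample data
# below is constructed, and the column layout (rule, packets, bytes, rule
# text) is assumed from the sample line in the message.

# ipfw_deltas YESTERDAY TODAY
# Reads two snapshot files and prints one line per deny rule whose packet
# counter moved: rule, yesterday's pkts, today's pkts, delta, rule text.
# Rules absent yesterday are tagged "(new rule)". A counter lower than
# yesterday's means the counters were zeroed (reboot, ipfw zero), so the
# delta is taken from zero and tagged "(counters reset)". An empty or
# missing yesterday file (first run) simply reports every rule as new.
ipfw_deltas() {
    awk '
        FILENAME == ARGV[1] { ypk[$1] = $2; next }    # yesterday: rule -> pkts
        {
            # Reassemble the rule text (everything after the byte count).
            rule = ""
            for (i = 4; i <= NF; i++) rule = rule (i > 4 ? " " : "") $i
            if ($1 in ypk) { y = ypk[$1]; tag = "" }
            else           { y = 0;       tag = "(new rule) " }
            d = $2 - y
            if (d < 0) { d = $2; tag = "(counters reset) " }
            if (d == 0 && tag == "") next             # unchanged: stay quiet
            printf "%s %d %d +%d %s%s\n", $1, y, $2, d, tag, rule
        }' "$1" "$2"
}

# Constructed sample snapshots, in the format of `ipfw -a l | grep deny`.
TMPD=$(mktemp -d)
trap 'rm -rf "$TMPD"' EXIT
Y="$TMPD/ipfw.yesterday"
T="$TMPD/ipfw.today"
cat > "$Y" <<'EOF'
5700 4 176 deny tcp from any to 163.49.131.129 137-139
5800 0 0 deny udp from any to 163.49.131.129 137-139
6000 7 280 deny tcp from any to any 23
6100 50 2000 deny ip from 192.168.1.0/24 to any
EOF
cat > "$T" <<'EOF'
5700 9 396 deny tcp from any to 163.49.131.129 137-139
5800 2 80 deny udp from any to 163.49.131.129 137-139
5900 1 40 deny ip from 10.0.0.0/8 to any
6000 7 280 deny tcp from any to any 23
6100 3 120 deny ip from 192.168.1.0/24 to any
EOF

echo "denied packets (rule yesterday today delta):"
ipfw_deltas "$Y" "$T"
```

Dropped into the posted check, the two `mv` lines already keep ipfw.yesterday and ipfw.today, so `ipfw_deltas "$LOG/ipfw.yesterday" "$LOG/ipfw.today"` can replace the `diff -b ... | egrep "^>"` line. Rule 6000, whose counters did not move, produces no output, and a rule that is unchanged but present only because the counters were all zeroed still shows up, which is the point: a reset is worth a line in the nightly mail.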