Date: Mon, 24 Mar 1997 10:45:13 -0800 From: Darryl Okahata <darrylo@hpnmhjw.sr.hp.com> To: joerg_wunsch@uriah.heep.sax.de (Joerg Wunsch) Cc: freebsd-bugs@freebsd.org Subject: Re: sendmail can't create PID file because of owner permission of /var/run Message-ID: <199703241845.AA243889113@hpnmhjw.sr.hp.com> In-Reply-To: Your message of "Mon, 24 Mar 1997 08:09:50 %2B0100." <19970324080950.WP16275@uriah.heep.sax.de>
next in thread | previous in thread | raw e-mail | index | archive | help
Joerg Wunsch (joerg_wunsch@uriah.heep.sax.de) wrote: > Since bin has no password (and no shell) on 99.9 % of the systems, you > must be root before you can become bin anyway. So what? If the > intruder is root already, assigning all the system binaries to root > wouldn't help. Scenario: * Intruder breaks into system "A", and manages to become root. * Intruder attempts to break into system "B", but is initially thwarted (no .rhosts, no hosts.equiv, no common passwords, etc.). * However, system A mounts (via NFS) some of system B's directories. System B disallows root access via NFS (i.e., root uid == -2). * Intruder becomes "bin" on system A, cd's to an NFS-mounted directory from system B, and replaces binary executables owned by bin with trojan horses. Note that the trojans are being placed on system B, and not system A. I'm sure you can guess the rest. Keeping files and directories owned by root can make a system more secure, as long as root access is disallowed via NFS (and group/other write permission is taken away on files and directories). -- Darryl Okahata Internet: darrylo@sr.hp.com DISCLAIMER: this message is the author's personal opinion and does not constitute the support, opinion, or policy of Hewlett-Packard, or of the little green men that have been following him all day.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199703241845.AA243889113>