Date: Mon, 17 Feb 1997 20:49:20 +1100 From: Giles Lean <giles@nemeton.com.au> To: stefan.arentz@luna.net (Stefan Arentz) Cc: security@freebsd.org Subject: Re: (fwd) Re: Shell Access Message-ID: <199702170949.UAA18958@nemeton.com.au> In-Reply-To: <19970217005715.SA06934@blah.rotterdam.luna.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 17 Feb 1997 00:57:15 +0100 Stefan Arentz wrote: > Isn't it possible to block root hacks with a wrapper around the kernel's > setuid()/seteuid()/setgid()/setegid() system call implementation that > can deny the call on basis of the user id that is requesting the change > of credentials? Rather than do this, take the setuid bits off the things you want to protect and use a program supporting explicit access lists and logging to run these programs. (Think 'sudo', 'priv' etc.) In the case of commercial OSes, lots of things with setuid bits set don't need to be setuid since it doesn't make sense for anyone other than root to run them. (Minor success report: I've had two setuid bits removed from HP-UX. :-) Giles
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199702170949.UAA18958>