Date: Fri, 10 Mar 2017 12:11:57 -0500 From: Lowell Gilbert <Lowell@Be-Well.Ilk.Org> To: "James B. Byrne via freebsd-questions" <freebsd-questions@freebsd.org> Cc: byrnejb@harte-lyne.ca Subject: Re: daily security run output (setuid) Message-ID: <44bmt9jbtu.fsf@lowell-desk.lan> In-Reply-To: <0a9bbc9664cdeacc27dacadbd575ea1d.squirrel@webmail.harte-lyne.ca> (James B. Byrne via freebsd-questions's message of "Fri, 10 Mar 2017 11:42:42 -0500") References: <0a9bbc9664cdeacc27dacadbd575ea1d.squirrel@webmail.harte-lyne.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
"James B. Byrne via freebsd-questions" <freebsd-questions@freebsd.org> writes: > Following a recent update we began to see this report: > > Checking setuid files and devices: [...] > This was a legitimate update as far as I can see. I can see that the > mtime value has changed but why does the update not account for this > with the security system? Because having "the security system" trust that the the port update was initiated by an appropriately authorized user would make it too easy to hide a security breach.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?44bmt9jbtu.fsf>