Date: Fri, 29 Mar 2002 03:16:56 -0800 (PST) From: Jason Stone <jason-fbsd-security@shalott.net> To: <security@FreeBSD.ORG> Subject: Re: make world and setuid bits Message-ID: <20020329025937.G5333-100000@walter> In-Reply-To: <20020328174304.L97841@blossom.cjclark.org>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > passwd(1), at(1), crontab(1), login(1), su(1), some or most of those > would be required for almost any multiuser installation. at and crontab I don't provide, and since I use ssh exclusively, login is not necesary. passwd is usually the only binary I leave setuid. I don't want this thread to get too theological, but my preferred way of handling root users is to use ssh with rsa keys and patch sshd to log key fingerprints for root logins (actually, the current openssh finally includes this feature by default) and to totally avoide su. This gives me the accountability I desire, it ensures that all root logins are over ssh, and it makes managing root access much easier and way less error prone. As for mount -o nosuid, I do that when I can, but it's not granular enough for many circumstances. Sometimes I want to have a single setuid binary like passwd, and frequently I want to have non-root setuid binaries (I feel prety comfortable with man, for example). > If you can come up with some reasonably non-obtrusive patches to the > build to control this with some make.conf(5) knobs, we can have a look > at the practicallity. That's fair - if I do send a patch, do you suppose it's likely it would get included? I'm imagining just wrapping the assignment of BINMODE in an ifdef for the sixty-ish or so Makefiles that use it to set special bits. -Jason ----------------------------------------------------------------------- I worry about my child and the Internet all the time, even though she's too young to have logged on yet. Here's what I worry about. I worry that 10 or 15 years from now, she will come to me and say "Daddy, where were you when they took freedom of the press away from the Internet?" -- Mike Godwin -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: See https://private.idealab.com/public/jason/jason.gpg iD8DBQE8pE0tswXMWWtptckRArXSAKDcDmmdQM9bStsf3TzOYh+Yxiiv6gCgrEPn +mEofipaM61lwAwi4R19Ah8= =GuYc -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020329025937.G5333-100000>