From owner-freebsd-hackers Sat Jul 19 03:27:57 1997
Return-Path:
Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id DAA17141 for hackers-outgoing; Sat, 19 Jul 1997 03:27:57 -0700 (PDT)
Received: from verdi.nethelp.no (verdi.nethelp.no [195.1.171.130]) by hub.freebsd.org (8.8.5/8.8.5) with SMTP id DAA17135 for ; Sat, 19 Jul 1997 03:27:51 -0700 (PDT)
From: sthaug@nethelp.no
Received: (qmail 15408 invoked by uid 1001); 19 Jul 1997 10:27:47 +0000 (GMT)
To: andreas@klemm.gtn.com
Cc: hackers@FreeBSD.ORG
Subject: Re: sendmail complains about being unable to write his pid file
In-Reply-To: Your message of "Sat, 19 Jul 1997 12:08:26 +0200"
References: <19970719120826.19772@gtn.com>
X-Mailer: Mew version 1.05+ on Emacs 19.28.2
Mime-Version: 1.0
Content-Type: Text/Plain; charset=us-ascii
Date: Sat, 19 Jul 1997 12:27:46 +0200
Message-ID: <15406.869308066@verdi.nethelp.no>
Sender: owner-hackers@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

> > I'm always nervous about directories owned by bin, on the assumption
> > that bin might be easier to break than root, and could then be used
> > as a stepstone to breaking root.
>
> I don't believe this, because bin isn't a password protected login.
> Look here:
> bin:*:3:7:Binaries Commands and Source,,,:/:/nonexistent

That's fine - until somebody decides to run NFS. Then all bets are off.

> I think it's a BSDism. bin is the UID and GID for Binaries, Commands
> and source as shown by the entry in /etc/passwd ...

Yes, but the question stands - why is it set up this way? What is gained
by having binaries (and important directories) owned by bin instead of
root?

Steinar Haug, Nethelp consulting, sthaug@nethelp.no
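
The ownership concern raised in this thread can be checked on a running system. The following is an added example, not part of the original message or of FreeBSD: it reports every directory on PATH, and every entry directly inside one, that an account other than root could modify. The names check_entry and audit_dirs are hypothetical, and treating only uid 0 and gid 0 as trusted is an assumption of the example.

```python
import os
import stat

def check_entry(path, trusted_uids, trusted_gids):
    """Return (path, reason) pairs for each way a non-trusted id can modify path."""
    try:
        st = os.stat(path)  # follows symlinks, so the target is what gets judged
    except OSError as exc:
        return [(path, "cannot stat: %s" % (exc.strerror or "error"))]
    findings = []
    if st.st_uid not in trusted_uids:
        # The owner can always chmod and rewrite the entry, whatever the mode bits say.
        findings.append((path, "owner uid %d" % st.st_uid))
    if st.st_mode & stat.S_IWGRP and st.st_gid not in trusted_gids:
        findings.append((path, "group-writable by gid %d" % st.st_gid))
    if st.st_mode & stat.S_IWOTH:
        findings.append((path, "world-writable"))
    return findings

def audit_dirs(dirs, trusted_uids=(0,), trusted_gids=(0,)):
    """Audit each directory and the entries directly inside it."""
    findings = []
    for d in dirs:
        findings += check_entry(d, trusted_uids, trusted_gids)
        try:
            names = sorted(os.listdir(d))
        except OSError:
            continue  # the stat failure was already recorded above
        for name in names:
            findings += check_entry(os.path.join(d, name), trusted_uids, trusted_gids)
    return findings

if __name__ == "__main__":
    # Audit the directories that programs are actually run from.
    path_dirs = [p for p in os.environ.get("PATH", "").split(os.pathsep) if p]
    for path, reason in audit_dirs(path_dirs):
        print("%s: %s" % (path, reason))
```

A directory finding matters more than a file finding: whoever can write to the directory can replace any program in it, including ones that root runs.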