Date: Wed, 11 Aug 1999 01:40:00 -0700 (PDT) From: Mike Hoskins <mike@snafu.adept.org> To: "Andrey E. Lerman" <lae@uniyar.ac.ru> Cc: freebsd-security@FreeBSD.ORG Subject: Re: info on suid/sgid files Message-ID: <Pine.BSF.4.10.9908110114490.71398-100000@snafu.adept.org> In-Reply-To: <19990811043211.X16510@uniyar.ac.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 11 Aug 1999, Andrey E. Lerman wrote:
> It would be nice if info about need of increased privileges
> needed for given program would be clearly stated in manpage.
I'm not sure how much info is needed about increased privileges...
There's a lot of writeups (CERT's security checklist and an article I did
for the FreeBSD 'Zine to name a couple) that already say 'If you don't
need it ... turn it off'. Beyond saying that, I'd hope the admin could...
Type: find / \( -perm -2000 -o -perm -4000 \) -print > audit.log
more audit.log
Think: 'I only need foo, I'll chmod the others appropriately.'
Man pages generally do mention files they need/use... From which you can
decide which users or groups need access to what files for a system to
function appropriately.
-Mike
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.10.9908110114490.71398-100000>