Date: Wed, 11 Aug 1999 01:40:00 -0700 (PDT) From: Mike Hoskins <mike@snafu.adept.org> To: "Andrey E. Lerman" <lae@uniyar.ac.ru> Cc: freebsd-security@FreeBSD.ORG Subject: Re: info on suid/sgid files Message-ID: <Pine.BSF.4.10.9908110114490.71398-100000@snafu.adept.org> In-Reply-To: <19990811043211.X16510@uniyar.ac.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 11 Aug 1999, Andrey E. Lerman wrote: > It would be nice if info about need of increased privileges > needed for given program would be clearly stated in manpage. I'm not sure how much info is needed about increased privileges... There's a lot of writeups (CERT's security checklist and an article I did for the FreeBSD 'Zine to name a couple) that already say 'If you don't need it ... turn it off'. Beyond saying that, I'd hope the admin could... Type: find / \( -perm -2000 -o -perm -4000 \) -print > audit.log more audit.log Think: 'I only need foo, I'll chmod the others appropriately.' Man pages generally do mention files they need/use... From which you can decide which users or groups need access to what files for a system to function appropriately. -Mike To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.10.9908110114490.71398-100000>