Date: Mon, 1 Nov 1999 17:39:55 +0100 From: Eivind Eklund <eivind@FreeBSD.ORG> To: Spidey <beaupran@iro.umontreal.ca> Cc: freebsd-security@FreeBSD.ORG Subject: Re: Examining FBSD set[ug]ids and their use Message-ID: <19991101173955.L72085@bitbox.follo.net> In-Reply-To: <14364.64172.638014.558487@anarcat.dyndns.org>; from beaupran@jsp.umontreal.ca on Sun, Oct 31, 1999 at 09:27:56PM -0500 References: <14364.64172.638014.558487@anarcat.dyndns.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Oct 31, 1999 at 09:27:56PM -0500, Spidey wrote: > # The suid bit is NOT necessary for any usage I could find... > df gname=operator mode=2555 The suid bit is necessary for users to be able to inspect the amount of disk space free on unmounted disks. Personally, I don't think users should be allowed to see the amount of disk space free on unmounted disks unless they are in group operator themselves. If I don't get any disagreement, I will remove this setuid bit. > /set gname=tty > # Allow users to dump on remote (see dump(1), the BUGS section) > dump gname=tty > rdump gname=tty > restore gname=tty > rrestore gname=tty > # High scores management > sol uname=games gname=games mode=6755 This looks like a bug in some port, actually. We shouldn't normally have anything that is setuid games, only setgid. > # Allow users to read master.passwd > xlock mode=4111 A separate system for verifying a user's own password would be infinitely desirable. I suggest something as simple as a small executable that verify the password, and automatically touch a file so it can't be called more than reasonable for interactive verification. > # Allow users to regenerate the aliases database. > # Why the hell should anyone else than the one that has modified the > # database would want to rebuild it???? > newaliases The alias files can be group writable. > # Same as rsh and such. > ssh1 mode=4711 Not quite. ssh uses this to get at the local host key, and authenticate that it is run with that key or the attacker has control over the entire host (by using a privileged port as the source port). Eivind. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19991101173955.L72085>