Site Navigation

Date:      Sun, 09 Sep 2001 09:39:19 +0100
From:      Brian Somers <brian@freebsd-services.com>
To:        Matt Dillon <dillon@FreeBSD.org>
Cc:        cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org, brian@freebsd-services.com
Subject:   Re: cvs commit: src/usr.bin/tip/tip Makefile src/gnu/libexec/uucp/cu Makefile src/gnu/libexec/uucp/uucp Makefile src/gnu/libexec/uucp/uuname Makefile src/gnu/libexec/uucp/uustat Makefile src/gnu/libexec/uucp/uux Makefile 
Message-ID:  <200109090839.f898dJJ14239@hak.lan.Awfulhak.org>
In-Reply-To: Message from Matt Dillon <dillon@FreeBSD.org>  of "Sat, 08 Sep 2001 21:54:10 PDT." <200109090454.f894sAc07178@freefall.freebsd.org> 

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

> dillon      2001/09/08 21:54:10 PDT
> 
>   Modified files:
>     usr.bin/tip/tip      Makefile 
>     gnu/libexec/uucp/cu  Makefile 
>     gnu/libexec/uucp/uucp Makefile 
>     gnu/libexec/uucp/uuname Makefile 
>     gnu/libexec/uucp/uustat Makefile 
>     gnu/libexec/uucp/uux Makefile 
>   Log:
>   Make sure that all non-root-owned binaries in standard system
>   paths are chflaged 'schg' to prevent exploit vectors when run
>   by cron, by a root user, or by a user other then the one owning the
>   binary.  This applies to most of the uucp binaries, cu, tip, and
>   man (man was already installed properly).
>   
>   MFC will occur when approved.
> 
>   Revision  Changes    Path
>   1.12      +2 -1      src/usr.bin/tip/tip/Makefile
>   1.9       +2 -1      src/gnu/libexec/uucp/cu/Makefile
>   1.7       +2 -1      src/gnu/libexec/uucp/uucp/Makefile
>   1.6       +2 -2      src/gnu/libexec/uucp/uuname/Makefile
>   1.6       +2 -1      src/gnu/libexec/uucp/uustat/Makefile
>   1.7       +2 -1      src/gnu/libexec/uucp/uux/Makefile

Why are you doing this ?  You need to protect the parent directories 
if you hope to protect the contents.

This just prevents foot-shooting.

-- 
Brian <brian@freebsd-services.com>                <brian@Awfulhak.org>
      http://www.freebsd-services.com/        <brian@[uk.]FreeBSD.org>
Don't _EVER_ lose your sense of humour !      <brian@[uk.]OpenBSD.org>



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200109090839.f898dJJ14239>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact