Date: Wed, 02 Jun 1999 13:47:23 +0800
From: adrian@freebsd.org
To: Andrew Kenneth Milton <akm@mail.theinternet.com.au>
Cc: freebsd-security@freebsd.org
Subject: Re: Shell Account system
Message-ID: <19990602054724.12309.qmail@ewok.creative.net.au>
In-Reply-To: Your message of "Wed, 02 Jun 1999 11:47:27 +1000." <199906020147.LAA21482@mail.theinternet.com.au>

Andrew Kenneth Milton writes:
>+----[ Bruce Campbell ]---------------------------------------------
>| On Tue, 1 Jun 1999, Cain wrote:
>|
>| > In addition to tripwire, monitor the existence of all SUID programs, when
>| > new ones appear make sure you know about it. BTW, ircd is usually SUID, so
>| > if a user of yours sets that up it's normal. But then how do you know a
>| > hacker just hasn't named his root shell ircd... so monitor the sizes of
>| > new SUID programs
>|
>| Possibly putting my foot in my mouth here, but *why* would ircd need to be
>| SUID to anyone? It commonly runs at the high ports (6667) and thus does
>| not need root for that.
>|
>| If you want a specific ircd user to run ircd (either by script or by
>| respawning from init), I don't see a need for the ircd binary to be SUID
>| to anyone (executable only by that user yes, SUID no)
>|
>| Or am I missing something here?
>
>It's normally suid because the conf files are readable only by the
>'owner' -- it's also suid to limit the damage you can do, normally
>you setup an 'irc' account and make it suid that.

I'm going to look at phk's jail stuff soon in application for a shell server, but right now, the king shell server I ran has /usr/home , /tmp (which is also /var/tmp) mounted noexec, nosuid, nosgid.

The worst thing in the world you can ever do is allow users to compile/run their own binaries. If a user wants something installed, then I'll damn well compile it and install it for *all* to use.

Adrian

To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message