From: Chuck Swiger
Organization: The Courts of Chaos
Date: Wed, 16 Jun 2004 13:42:14 -0400
To: j.e.drews@att.net
cc: freebsd-questions@freebsd.org
Subject: Re: Should gcc be accessable by others?
Message-ID: <40D08676.3080501@mac.com>
In-Reply-To: <061620041608.19913.40D0707D000648FA00004DC921587667559C990A9D0BD20AD206@att.net>

j.e.drews@att.net wrote:
> Is it a good idea to change the permissions on the gcc tools to 750 ? I
> looked through the FreeBSD Handbook and could find no advice on this matter.

Changing gcc to 750 might provide a small benefit to security, but if someone
has enough access to be able to try to run gcc in the first place, they can
probably upload their own compiler if they really wanted to (or more likely, a
precompiled version of whatever tool they wanted to use), or else exploit some
other local vulnerability.

> Also are there other tools that should not be available like strace? How can I
> find out which ones are potentially exploitable?

The ports system provides a mechanism for analysing which programs use
socket() and other system calls and thus may be potentially remotely
exploitable.

Anyway, the notion you are looking for is known as "hardening a system", and a
search on that term will probably give you more insight.

Basically, just changing perms on gcc isn't really enough, but if you take
draconian measures to remove all programs that aren't needed, you can get a
minimal system that is much harder to exploit. Such a system wouldn't be very
useable to normal humans, however, so this is generally done only for
firewalls and the like.

--
-Chuck
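
Added example, not part of the original message or of FreeBSD: a small sh inventory of which programs under a directory are still executable by "other" (what mode 750 removes) and which are setuid or setgid, as a starting point for the hardening review discussed above. The function names classify_mode and audit_bin are made up for this sketch.

```sh
#!/bin/sh
# Added example: list programs that accounts outside the owner and group can
# execute, plus setuid/setgid programs. Function names are hypothetical.

# classify_mode MODE
# MODE is the 10-character mode string printed by `ls -l` (e.g. -rwxr-x---).
# Prints a comma-separated subset of: other-x, setuid, setgid (empty if none).
classify_mode() {
    flags=
    # Character 10 is the "other" execute slot: x, or t (sticky + execute).
    case $1 in ?????????[xt]*) flags="${flags}other-x," ;; esac
    # Character 4 is the owner execute slot: s or S marks setuid.
    case $1 in ???[sS]*)       flags="${flags}setuid," ;; esac
    # Character 7 is the group execute slot: s or S marks setgid.
    case $1 in ??????[sS]*)    flags="${flags}setgid," ;; esac
    printf '%s' "${flags%,}"
}

# audit_bin DIR
# Prints "<mode> <flags> <path>" for every regular file under DIR that has at
# least one flag. A tool already restricted to 750 does not appear.
audit_bin() {
    find "$1" -type f -print | sort | while IFS= read -r f; do
        mode=$(ls -ld -- "$f" | cut -c1-10)
        flags=$(classify_mode "$mode")
        if [ -n "$flags" ]; then
            printf '%s %s %s\n' "$mode" "$flags" "$f"
        fi
    done
}

# Stand-alone use: sh audit.sh /usr/bin
[ $# -eq 0 ] || audit_bin "$1"
```

Run it before and after a permission change to confirm that only the intended tools dropped off the list.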