Date: Wed, 8 Jan 2003 04:24:05 +0100 From: Mark <admin@asarian-host.net> To: "David Malone" <dwmalone@maths.tcd.ie> Cc: <freebsd-bugs@freebsd.org> Subject: Re: bin/46838: security vulnerability in dump Message-ID: <200301080324.H083ONJ61009@asarian-host.net> References: <200301072050.h07Ko4Kj025064@freefall.freebsd.org> <20030107211547.GD82447@walton.maths.tcd.ie>
next in thread | previous in thread | raw e-mail | index | archive | help
----- Original Message ----- From: "David Malone" <dwmalone@maths.tcd.ie> To: "Mark" <admin@asarian-host.net> Cc: <freebsd-bugs@FreeBSD.org> Sent: Tuesday, January 07, 2003 10:15 PM Subject: Re: bin/46838: security vulnerability in dump > On Tue, Jan 07, 2003 at 12:50:04PM -0800, Mark wrote: > > > I realize running "umask 077" will prevent this problem. But I also > > believe dump is a special case, as most individual programs do not > > create world-readable files containing root's view of the filesystem > > data. > > Just about any command can create world readable files containing > root's view of a filesystem: cp, tar, cat, dd. I'd also expect > that people may use dump to create (say) group readable files which > can be restored by those in group operator, or somesuch. You make a cogent case for group rights. But, likewise, I cannot conceive of any plausible scenario where a dump-file would ever have to be world-readable. Or is there? So why not make it write "umask 007"? That would maintain all necessary sharing rights for group operator and such, yet prevent all the world and his friend to have a peek too. > If there's a general consensus for change, I'll go along with it - > otherwise I'll close the PR as one of the many ways unix offers you > to shoot yourself in the foot. It is a good thing that UNIX offers tools so powerful that one can shoot oneself in the foot; but why preconfigure the gun to be aimed at it? :) - Mark System Administrator Asarian-host.org --- "If you were supposed to understand it, we wouldn't call it code." - FedEx To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200301080324.H083ONJ61009>