Date: Fri, 15 Jun 2001 17:40:04 -0700 (PDT) From: Dima Dorfman <dima@unixfreak.org> To: freebsd-bugs@FreeBSD.org Subject: Re: misc/28188: Cron is being started to early in /etc/rc (potential security hole) Message-ID: <200106160040.f5G0e4B82911@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR misc/28188; it has been noted by GNATS. From: Dima Dorfman <dima@unixfreak.org> To: Brad Huntting <huntting@glarp.com> Cc: freebsd-gnats-submit@FreeBSD.org, security@freebsd.org Subject: Re: misc/28188: Cron is being started to early in /etc/rc (potential security hole) Date: Fri, 15 Jun 2001 17:38:37 -0700 Brad Huntting <huntting@glarp.com> writes: > >Description: > Cron allows users to run jobs at boot time by specifying "@reboot". > While this is a very usefull feature, it is also a potential security > hole if these jobs are started before the kern.securelevel level is > raised. This is a general problem; cron just makes it easy to take advantage of. The problem is that the securelevel is raised as late as possible; it is the last thing to happen in /etc/rc in -stable, and second to last in -current (background fsck's are started after it). The real solution[1] is to move the setting of securelevel up, above the starting of most of the non-essential daemons (e.g., sshd, cron, et al). Anyone from -security care to comment on the feasibility of this? Any reason why it isn't already done like this? OpenBSD sets it quite early, FWIW. Thanks, Dima Dorfman dima@unixfreak.org [1] Actually, the real solution is to axe the entire concept of securelevel. Of course, this won't be done until a suitable replacement is available (e.g., MAC). To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200106160040.f5G0e4B82911>