Date: Thu, 13 Sep 2001 11:37:51 -0400 (EDT) From: Matt Piechota <piechota@argolis.org> To: Kris Kennaway <kris@obsecurity.org> Cc: alexus <ml@db.nexgen.com>, <freebsd-isp@FreeBSD.ORG>, <freebsd-security@FreeBSD.ORG> Subject: Re: protecting /sbin and /usr/local/sbin Message-ID: <20010913113439.G33971-100000@cithaeron.argolis.org> In-Reply-To: <20010912142752.A26055@xor.obsecurity.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 12 Sep 2001, Kris Kennaway wrote: > You can do it, but if your system relies on non-root users executing > these commands, bits will obviously fail. I think you're probably > overreacting, though. Plus, you're going to have to clamp down on compiling and such. Some one could go find the source for whatever command and compile up their own copy. Of course they could compile their own binary somewhere else and transfer it over as well. You could make it harder for them, but you're not going to be able to stop them from running the commands in question. -- Matt Piechota Finger piechota@emailempire.com for PGP key AOL IM: cithaeron To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010913113439.G33971-100000>