From owner-cvs-etc  Sun Aug 25 14:38:59 1996
Return-Path: owner-cvs-etc
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id OAA10197
          for cvs-etc-outgoing; Sun, 25 Aug 1996 14:38:59 -0700 (PDT)
Received: (from pst@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id OAA10073;
          Sun, 25 Aug 1996 14:37:14 -0700 (PDT)
Date: Sun, 25 Aug 1996 14:37:14 -0700 (PDT)
From: Paul Traina <pst>
Message-Id: <199608252137.OAA10073@freefall.freebsd.org>
To: CVS-committers, cvs-all, cvs-etc, cvs-usrsbin
Subject: cvs commit:  src/etc/mtree BSD.var.dist src/usr.sbin/rwhod rwhod.c
Sender: owner-cvs-etc@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

pst         96/08/25 14:37:12

  Modified:    etc/mtree  BSD.var.dist
               usr.sbin/rwhod  rwhod.c
  Log:
  Fix buffer overrun, and run as nobody
  
  Revision  Changes    Path
  1.25      +2 -2      src/etc/mtree/BSD.var.dist
  1.3       +49 -9     src/usr.sbin/rwhod/rwhod.c

From owner-cvs-etc  Sun Aug 25 19:31:29 1996
Return-Path: owner-cvs-etc
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id TAA10713
          for cvs-etc-outgoing; Sun, 25 Aug 1996 19:31:29 -0700 (PDT)
Received: from nervosa.vendetta.com (coredump@nervosa.vendetta.com [192.187.167.18])
          by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id TAA10706;
          Sun, 25 Aug 1996 19:31:24 -0700 (PDT)
Received: from localhost (coredump@localhost) by nervosa.vendetta.com (8.7.5/8.7.3) with SMTP id TAA02912; Sun, 25 Aug 1996 19:30:24 -0700 (PDT)
Date: Sun, 25 Aug 1996 19:30:23 -0700 (PDT)
From: Chris Layne <coredump@nervosa.vendetta.com>
To: "Rodney W. Grimes" <rgrimes@GndRsh.aac.dev.com>
cc: joerg_wunsch@uriah.heep.sax.de, asami@freefall.freebsd.org,
        CVS-committers@freefall.freebsd.org, cvs-all@freefall.freebsd.org,
        cvs-etc@freefall.freebsd.org
Subject: Re: cvs commit:  src/etc services
In-Reply-To: <199608230735.AAA14611@GndRsh.aac.dev.com>
Message-ID: <Pine.BSI.3.95.960825192957.1267C-100000@nervosa.vendetta.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-cvs-etc@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

On Fri, 23 Aug 1996, Rodney W. Grimes wrote:

There is always netstat -an

> > As Rodney W. Grimes wrote:
> > 
> > > Have these been assigned in the RFC's/IAN, if not they should probably not
> > > go in FreeBSD's /etc/services.  
> > 
> > I don't have the assigned numbers RFC handy, but i think there are
> 
> You ever tried to decode the output of netstat -a??  When /etc/services
> is used as a reverse map to convert port numbers to names these extra
> bogus service entries cause folks like me heartache.
> 
> Rod Grimes                                      rgrimes@gndrsh.aac.dev.com

== Chris Layne ======================================== Nervosa Computing ==
== coredump@nervosa.vendetta.com == http://nervosa.vendetta.com/~coredump ==


From owner-cvs-etc  Sun Aug 25 22:26:04 1996
Return-Path: owner-cvs-etc
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id WAA19025
          for cvs-etc-outgoing; Sun, 25 Aug 1996 22:26:04 -0700 (PDT)
Received: from GndRsh.aac.dev.com (GndRsh.aac.dev.com [198.145.92.241])
          by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id WAA19010;
          Sun, 25 Aug 1996 22:25:50 -0700 (PDT)
Received: (from rgrimes@localhost) by GndRsh.aac.dev.com (8.6.12/8.6.12) id WAA18244; Sun, 25 Aug 1996 22:25:14 -0700
From: "Rodney W. Grimes" <rgrimes@GndRsh.aac.dev.com>
Message-Id: <199608260525.WAA18244@GndRsh.aac.dev.com>
Subject: Re: cvs commit:  src/etc/mtree BSD.var.dist src/usr.sbin/rwhod rwhod.c
To: pst@freefall.freebsd.org (Paul Traina)
Date: Sun, 25 Aug 1996 22:25:14 -0700 (PDT)
Cc: CVS-committers@freefall.freebsd.org, cvs-all@freefall.freebsd.org,
        cvs-etc@freefall.freebsd.org, cvs-usrsbin@freefall.freebsd.org
In-Reply-To: <199608252137.OAA10073@freefall.freebsd.org> from Paul Traina at "Aug 25, 96 02:37:14 pm"
X-Mailer: ELM [version 2.4ME+ PL11 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-cvs-etc@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

> pst         96/08/25 14:37:12
> 
>   Modified:    etc/mtree  BSD.var.dist
>                usr.sbin/rwhod  rwhod.c
>   Log:
>   Fix buffer overrun, and run as nobody

Hummm... I take it that you set /var/rwho nobody:whoever mode 755, which
now means /var/rwho is open for writting into if /var is NFS exported...
and all the datafiles will be smashable by other NFS hosts :-(.


-- 
Rod Grimes                                      rgrimes@gndrsh.aac.dev.com
Accurate Automation Company                 Reliable computers for FreeBSD

From owner-cvs-etc  Mon Aug 26 08:39:20 1996
Return-Path: owner-cvs-etc
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id IAA19738
          for cvs-etc-outgoing; Mon, 26 Aug 1996 08:39:20 -0700 (PDT)
Received: from precipice.shockwave.com (ppp-206-170-5-89.rdcy01.pacbell.net [206.170.5.89])
          by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id IAA19714;
          Mon, 26 Aug 1996 08:39:05 -0700 (PDT)
Received: from shockwave.com (localhost.shockwave.com [127.0.0.1]) by precipice.shockwave.com (8.7.5/8.7.3) with ESMTP id IAA12326; Mon, 26 Aug 1996 08:38:44 -0700 (PDT)
Message-Id: <199608261538.IAA12326@precipice.shockwave.com>
To: "Rodney W. Grimes" <rgrimes@GndRsh.aac.dev.com>
cc: CVS-committers@freefall.freebsd.org, cvs-all@freefall.freebsd.org,
        cvs-etc@freefall.freebsd.org, cvs-usrsbin@freefall.freebsd.org
Subject: Re: cvs commit: src/etc/mtree BSD.var.dist src/usr.sbin/rwhod rwhod.c 
In-reply-to: Your message of "Sun, 25 Aug 1996 22:25:14 PDT."
             <199608260525.WAA18244@GndRsh.aac.dev.com> 
Date: Mon, 26 Aug 1996 08:38:44 -0700
From: Paul Traina <pst@shockwave.com>
Sender: owner-cvs-etc@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

Introduce NFS and you eliminate security anyway.  It's actually 775
daemon.daemon I believe.

If you have a better suggestion, I'm all ears.  It's currently a compromise.

  From: "Rodney W. Grimes" <rgrimes@GndRsh.aac.dev.com>
  Subject: Re: cvs commit:  src/etc/mtree BSD.var.dist src/usr.sbin/rwhod rwhod
>>.c
  > pst         96/08/25 14:37:12
  > 
  >   Modified:    etc/mtree  BSD.var.dist
  >                usr.sbin/rwhod  rwhod.c
  >   Log:
  >   Fix buffer overrun, and run as nobody
  
  Hummm... I take it that you set /var/rwho nobody:whoever mode 755, which
  now means /var/rwho is open for writting into if /var is NFS exported...
  and all the datafiles will be smashable by other NFS hosts :-(.
  
  
  -- 
  Rod Grimes                                      rgrimes@gndrsh.aac.dev.com
  Accurate Automation Company                 Reliable computers for FreeBSD

From owner-cvs-etc  Mon Aug 26 09:47:02 1996
Return-Path: owner-cvs-etc
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id JAA24030
          for cvs-etc-outgoing; Mon, 26 Aug 1996 09:47:02 -0700 (PDT)
Received: from mail.barrnet.net (mail.barrnet.net [131.119.246.7])
          by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id JAA23828;
          Mon, 26 Aug 1996 09:42:48 -0700 (PDT)
Received: from GndRsh.aac.dev.com (GndRsh.aac.dev.com [198.145.92.241]) by mail.barrnet.net (8.7.5/MAIL-RELAY-LEN) with SMTP id JAA14659; Mon, 26 Aug 1996 09:42:28 -0700 (PDT)
Received: (from rgrimes@localhost) by GndRsh.aac.dev.com (8.6.12/8.6.12) id JAA18817; Mon, 26 Aug 1996 09:39:44 -0700
From: "Rodney W. Grimes" <rgrimes@GndRsh.aac.dev.com>
Message-Id: <199608261639.JAA18817@GndRsh.aac.dev.com>
Subject: Re: cvs commit: src/etc/mtree BSD.var.dist src/usr.sbin/rwhod rwhod.c
To: pst@shockwave.com (Paul Traina)
Date: Mon, 26 Aug 1996 09:39:44 -0700 (PDT)
Cc: CVS-committers@freefall.freebsd.org, cvs-all@freefall.freebsd.org,
        cvs-etc@freefall.freebsd.org, cvs-usrsbin@freefall.freebsd.org
In-Reply-To: <199608261538.IAA12326@precipice.shockwave.com> from Paul Traina at "Aug 26, 96 08:38:44 am"
X-Mailer: ELM [version 2.4ME+ PL11 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-cvs-etc@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

> Introduce NFS and you eliminate security anyway. 
                        ^^^^^^^^^  pretty strong word, you may decrease it,
but you don't eliminate it.  I'm not so worried about hackers as I am about
stupid things done by clients (people) on NFS clients (machines) that 
otherwise have reasonably restricted access to the server.

> It's actually 775 daemon.daemon I believe.

That I can live with.

> If you have a better suggestion, I'm all ears.  It's currently a compromise.

Run as sgid daemon perhaps?  And make the /var/rwho directory mode 575.

>   From: "Rodney W. Grimes" <rgrimes@GndRsh.aac.dev.com>
>   Subject: Re: cvs commit:  src/etc/mtree BSD.var.dist src/usr.sbin/rwhod rwhod
> >>.c
>   > pst         96/08/25 14:37:12
>   > 
>   >   Modified:    etc/mtree  BSD.var.dist
>   >                usr.sbin/rwhod  rwhod.c
>   >   Log:
>   >   Fix buffer overrun, and run as nobody
>   
>   Hummm... I take it that you set /var/rwho nobody:whoever mode 755, which
>   now means /var/rwho is open for writting into if /var is NFS exported...
>   and all the datafiles will be smashable by other NFS hosts :-(.
>   
>   
>   -- 
>   Rod Grimes                                      rgrimes@gndrsh.aac.dev.com
>   Accurate Automation Company                 Reliable computers for FreeBSD
> 


-- 
Rod Grimes                                      rgrimes@gndrsh.aac.dev.com
Accurate Automation Company                 Reliable computers for FreeBSD

From owner-cvs-etc  Thu Aug 29 09:08:20 1996
Return-Path: owner-cvs-etc
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id JAA15904
          for cvs-etc-outgoing; Thu, 29 Aug 1996 09:08:20 -0700 (PDT)
Received: (from chuckr@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id JAA15875;
          Thu, 29 Aug 1996 09:08:04 -0700 (PDT)
Date: Thu, 29 Aug 1996 09:08:04 -0700 (PDT)
From: Chuck Robey <chuckr>
Message-Id: <199608291608.JAA15875@freefall.freebsd.org>
To: CVS-committers, cvs-all, cvs-etc
Subject: cvs commit:  src/etc/mtree BSD.include.dist
Sender: owner-cvs-etc@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

chuckr      96/08/29 09:08:03

  Modified:    etc/mtree  BSD.include.dist
  Log:
  Add new include directories tcl, tcl/unix, and tcl/generic.
  Reviewed by:	Peter Wemm
  
  Revision  Changes    Path
  1.6       +7 -1      src/etc/mtree/BSD.include.dist

From owner-cvs-etc  Sat Aug 31 06:04:14 1996
Return-Path: owner-cvs-etc
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id GAA12818
          for cvs-etc-outgoing; Sat, 31 Aug 1996 06:04:14 -0700 (PDT)
Received: (from wosch@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id GAA12790;
          Sat, 31 Aug 1996 06:04:04 -0700 (PDT)
Date: Sat, 31 Aug 1996 06:04:04 -0700 (PDT)
From: Wolfram Schneider <wosch>
Message-Id: <199608311304.GAA12790@freefall.freebsd.org>
To: CVS-committers, cvs-all, cvs-etc
Subject: cvs commit:  src/etc/mtree BSD.usr.dist
Sender: owner-cvs-etc@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

wosch       96/08/31 06:04:04

  Modified:    etc/mtree  BSD.usr.dist
  Log:
  add forgotten share/doc/smm/10.named
  
  Revision  Changes    Path
  1.65      +3 -1      src/etc/mtree/BSD.usr.dist