Date: Mon, 11 Apr 2005 14:45:31 +0100 (BST)
From: Jan Grant <Jan.Grant@bristol.ac.uk>
To: freebsd-security@freebsd.org
Subject: /etc/rc.bsdextended: am I misunderstanding this..?
Message-ID: <Pine.GSO.4.61.0504111434030.18516@mail.ilrt.bris.ac.uk>
Can someone clear something up for me?
[[[
# For apache to read user files, the ruleadd must give
# it permissions by default.
####
${CMD} add subject uid 80 object not uid 80 mode rxws;
${CMD} add subject gid 80 object not gid 80 mode rxws;
]]]
Doesn't the above mean that an apache user (e.g., a user-supplied CGI
process, PHP script, etc.) has the ability to read (and write!) anything
in the filesystem?
Similarly: mailnull, majordomo, bin, etc, appear to get "elevated"
privileges via this file and mac_bsdextended.
[[[
####
# For cyrus:
${CMD} add subject uid 60 object not uid 60 mode rxws;
${CMD} add subject gid 60 object not gid 60 mode rxws;
]]]
Cyrus is a "black box" mail server: the cyrus user normally winds up
owning anything that the IMAP server needs to touch.
[[[
# For the nobody account:
${CMD} add subject uid 65534 object not uid 65534 mode rxws;
${CMD} add subject gid 65534 object not gid 65534 mode rxws;
]]]
... and doesn't this (almost, no "a" flag) completely negate the point
of the nobody account in the first instance?
Not quite getting it,
jan
--
jan grant, ILRT, University of Bristol. http://www.ilrt.bris.ac.uk/
Tel +44 (0)117 9287088 (with luck) http://ioctl.org/jan/
I shave with Occam's Razor.
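The following is an added example for readers of this message; it is not part of the original post and not FreeBSD's own code. It models how mac_bsdextended evaluates rules of the kind quoted above: ugidfw(8) rules are checked in order and the first rule whose subject and object both match decides, and the MAC decision is then combined with the ordinary mode-bit (DAC) check, so the policy can refuse an access that the mode bits would allow but cannot grant one they deny. The "apache" rules are the two quoted in the message; the final catch-all rule is constructed for this example and is labelled hypothetical (the real default file should be inspected with `ugidfw list`). The simplified DAC check and the way `gid` matching is done against the credential's group set are this example's own assumptions.

```python
# Added example (not part of the original message or FreeBSD's code): a
# small model of how mac_bsdextended evaluates ugidfw(8)-style rules.
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Cred:
    uid: int
    gids: frozenset            # effective gid plus supplementary groups


@dataclass(frozen=True)
class FileObj:
    uid: int                   # owner
    gid: int                   # group owner
    perm: int                  # mode bits, e.g. 0o644


@dataclass(frozen=True)
class Rule:
    subj_kind: str             # "uid" or "gid"
    subj_id: int
    subj_not: bool
    obj_kind: str
    obj_id: int
    obj_not: bool
    mode: frozenset            # letters granted; "n" (none) yields the empty set


# Subset of the ugidfw(8) grammar: one uid/gid clause per side, optional "not".
RULE_RE = re.compile(
    r"^(?:add\s+)?subject\s+(not\s+)?(uid|gid)\s+(\d+)\s+"
    r"object\s+(not\s+)?(uid|gid)\s+(\d+)\s+mode\s+([arswxn]+)$"
)


def parse_rule(line: str) -> Rule:
    m = RULE_RE.match(line.strip().rstrip(";").strip())
    if not m:
        raise ValueError(f"unsupported rule syntax: {line!r}")
    snot, skind, sid, onot, okind, oid, mode = m.groups()
    return Rule(skind, int(sid), snot is not None,
                okind, int(oid), onot is not None,
                frozenset(mode) - {"n"})


def parse_ruleset(text: str) -> list:
    """Parse rc.bsdextended-style lines; comments, blanks and ${CMD} are ignored."""
    rules = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].replace("${CMD}", "").strip()
        if line:
            rules.append(parse_rule(line))
    return rules


def _subject_matches(rule: Rule, cred: Cred) -> bool:
    hit = (cred.uid == rule.subj_id if rule.subj_kind == "uid"
           else rule.subj_id in cred.gids)     # assumption: any group membership
    return hit != rule.subj_not


def _object_matches(rule: Rule, f: FileObj) -> bool:
    hit = f.uid == rule.obj_id if rule.obj_kind == "uid" else f.gid == rule.obj_id
    return hit != rule.obj_not


def mac_decision(rules, cred, f, want):
    """First matching rule decides (ugidfw semantics); return (allowed, rule index)."""
    for i, r in enumerate(rules):
        if _subject_matches(r, cred) and _object_matches(r, f):
            return set(want) <= r.mode, i
    return True, None        # no rule matched: the policy does not object


def dac_allows(cred, f, want):
    """Plain owner/group/other mode-bit check for r, w, x (stat needs no bits here)."""
    if cred.uid == 0:
        return True
    shift = 6 if cred.uid == f.uid else 3 if f.gid in cred.gids else 0
    bits = (f.perm >> shift) & 0o7
    need = {"r": 4, "w": 2, "x": 1}
    return all(bits & need[m] for m in want if m in need)


def access(rules, cred, f, want):
    """Access succeeds only if the MAC policy and DAC both allow it."""
    mac_ok, _ = mac_decision(rules, cred, f, want)
    return mac_ok and dac_allows(cred, f, want)


RULESET = """
# The two apache carve-outs as quoted in the message.
${CMD} add subject uid 80 object not uid 80 mode rxws;
${CMD} add subject gid 80 object not gid 80 mode rxws;
# Constructed catch-all for this example (hypothetical; compare with the real
# file via 'ugidfw list'): non-root users get nothing on other non-root users' files.
${CMD} add subject not uid 0 object not uid 0 mode n;
"""

if __name__ == "__main__":
    rules = parse_ruleset(RULESET)
    www = Cred(80, frozenset({80}))             # constructed credentials
    alice = Cred(1001, frozenset({1001}))
    bob_file = FileObj(1002, 1002, 0o644)       # constructed files
    root_file = FileObj(0, 0, 0o644)
    for who, f, m in [(www, bob_file, "r"), (www, bob_file, "w"),
                      (alice, bob_file, "r"), (alice, root_file, "r")]:
        mac_ok, idx = mac_decision(rules, who, f, m)
        print(f"uid {who.uid} mode {m} on file owned by uid {f.uid}: "
              f"mac={'allow' if mac_ok else 'deny'} (rule {idx}), "
              f"dac={'allow' if dac_allows(who, f, m) else 'deny'}, "
              f"result={'allow' if access(rules, who, f, m) else 'deny'}")
```

With this ruleset the apache rule is an exception placed ahead of the catch-all: uid 80 is allowed by the policy to read a world-readable file owned by another user, while a write to that same file passes the policy (rule 0 lists `w`) but still fails the mode-bit check. A non-root user who is not uid 80 falls through to the catch-all and is refused even a read the mode bits would have permitted, and root-owned objects are excluded from the catch-all so no rule matches and the policy stays silent.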
