Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 27 Dec 1999 15:13:21 +0100
From:      Harold Gutch <logix@foobar.franken.de>
To:        Stan Brown <stanb@netcom.com>, FreeBSD Stable List <freebsd-stable@FreeBSD.ORG>
Subject:   Re: Huge differences in suid programs ?
Message-ID:  <19991227151321.A18099@foobar.franken.de>
In-Reply-To: <199912271336.FAA14584@netcom.com>; from Stan Brown on Mon, Dec 27, 1999 at 08:36:11AM -0500
References:  <199912271336.FAA14584@netcom.com>

next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Dec 27, 1999 at 08:36:11AM -0500, Stan Brown wrote:
> 	I cvsuped 3 machines and did a make worlds on the yesterday. I got HUGE
> 	differences on the suid files in the security report this morning:
> 
> 
> 
> polar.fas.com setuid diffs:
> 1,12c1,12
> < -r-xr-sr-x  1 root  operator   51196 Dec  5 22:22:13 1999 /bin/df
> < -r-xr-sr-x  1 root  kmem      189664 Dec  5 22:22:26 1999 /bin/ps
> < -r-sr-xr-x  1 root  wheel     208408 Dec  5 22:22:29 1999 /bin/rcp
> < -r-xr-sr-x  1 root  kmem      100148 Dec  5 22:33:20 1999 /sbin/ccdconfig
> < -r-xr-sr-x  1 root  kmem      103696 Dec  5 22:33:27 1999 /sbin/dmesg
> < -r-xr-sr-x  2 root  tty       221736 Dec  5 22:33:28 1999 /sbin/dump
> < -r-sr-xr-x  1 root  wheel     145528 Dec  5 22:34:11 1999 /sbin/ping
> < -r-xr-sr-x  2 root  tty       221736 Dec  5 22:33:28 1999 /sbin/rdump
> < -r-xr-sr-x  2 root  tty       244920 Dec  5 22:34:16 1999 /sbin/restore
> < -r-sr-xr-x  1 root  wheel     153760 Dec  5 22:34:18 1999 /sbin/route
> < -r-xr-sr-x  2 root  tty       244920 Dec  5 22:34:16 1999 /sbin/rrestore
> < -r-sr-x---  1 root  operator  151712 Dec  5 22:34:22 1999 /sbin/shutdown
> ---
> > -r-xr-sr-x  1 root  operator   51204 Dec 26 15:01:26 1999 /bin/df
> > -r-xr-sr-x  1 root  kmem      190016 Dec 26 15:01:40 1999 /bin/ps
> > -r-sr-xr-x  1 root  wheel     208408 Dec 26 15:01:43 1999 /bin/rcp
> > -r-xr-sr-x  1 root  kmem      100156 Dec 26 15:12:33 1999 /sbin/ccdconfig
> > -r-xr-sr-x  1 root  kmem      103872 Dec 26 15:12:39 1999 /sbin/dmesg
> > -r-xr-sr-x  2 root  tty       221768 Dec 26 15:12:40 1999 /sbin/dump
> > -r-sr-xr-x  1 root  wheel     145544 Dec 26 15:13:24 1999 /sbin/ping
> > -r-xr-sr-x  2 root  tty       221768 Dec 26 15:12:40 1999 /sbin/rdump
> > -r-xr-sr-x  2 root  tty       244920 Dec 26 15:13:28 1999 /sbin/restore
> > -r-sr-xr-x  1 root  wheel     153760 Dec 26 15:13:30 1999 /sbin/route
> > -r-xr-sr-x  2 root  tty       244920 Dec 26 15:13:28 1999 /sbin/rrestore
> > -r-sr-x---  1 root  operator  151712 Dec 26 15:13:36 1999 /sbin/shutdown
[...]
> 
> 
> 	Whats going on here?

The suid binaries got built and installed during your "make world"
and thus have new timestamps as you can see.
As the new output of "ls -l" is different to the old one,
/etc/security will complain about exactly these differences that
you see above.

The end line is that this behaviour is perfectly normal after
having done "make world" or "make installworld".

bye,
  Harold

-- 
Someone should do a study to find out how many human life spans have
been lost waiting for NT to reboot.
              Ken Deboy on Dec 24 1999 in comp.unix.bsd.freebsd.misc


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19991227151321.A18099>