Date:      Thu, 17 Sep 2009 21:02:07 +0200
From:      Mel Flynn <mel.flynn+fbsd.questions@mailing.thruhere.net>
To:        freebsd-questions@freebsd.org
Cc:        Ruben de Groot <mail25@bzerk.org>, Tom Worster <fsb@thefsb.org>
Subject:   Re: passing options thru '/etc/rc.d/foo start'
Message-ID:  <200909172102.07287.mel.flynn%2Bfbsd.questions@mailing.thruhere.net>
In-Reply-To: <20090917175533.GD34712@ei.bzerk.org>
References:  <C6D6B22B.127DE%fsb@thefsb.org> <200909171914.29389.mel.flynn%2Bfbsd.questions@mailing.thruhere.net> <20090917175533.GD34712@ei.bzerk.org>

On Thursday 17 September 2009 19:55:33 Ruben de Groot wrote:
> On Thu, Sep 17, 2009 at 07:14:29PM +0200, Mel Flynn typed:
> > On Wednesday 16 September 2009 21:18:03 Tom Worster wrote:
> > > On 9/16/09 2:37 PM, "Mel Flynn"
> > >
> > > <mel.flynn+fbsd.questions@mailing.thruhere.net> wrote:
> > > > On Wednesday 16 September 2009 20:21:40 Chris Cowart wrote:
> > > >> Tom Worster wrote:
> > > >>> thanks, Mel, that's good to know.
> > > >>>
> > > >>> i think your suggestion of modifying rc.conf will turn out to be a
> > > >>> tidy solution for me.
> > > >>
> > > >> You could also just put:
> > > >>
> > > >> sshd_flags="-o X11Forwarding=no"
> > > >>
> > > >> into your /etc/rc.conf file.
> > > >
> > > > What he wants is passing arguments without touching config files,
> > > > which I find myself needing sometimes as well, on machines where
> > > > static partitions are mounted read-only + kern.secure_level.
> > >
> > > that's right.
> > >
> > > when i read in 11.7 of the handbook: "Since the rc.d system is
> > > primarily intended to start/stop services at system startup/shutdown
> > > time, ..." i thought: maybe i'm making things hard by trying to use
> > > rc.d scripts when i could just execute the daemon's binary.
> >
> > One downside I forgot to mention:
> > You do open yourself up now to SSHD_FLAGS="-o AllowRoot=yes", so you may
> > need to complicate the logic a bit more, by sanitizing SSHD_FLAGS.
> 
> Please explain how this can be exploited by a non-root user?

By adding this to the .profile of a compromised wheel account and waiting for
him to run sudo -E or using an older version of sudo.
Yes, it's an unlikely path.

More to the point, it defeats having ro mounted /etc + secure level, since no 
reboot is required to modify the running sshd, so you're compromising your 
failsafe.
-- 
Mel
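
The "sanitizing SSHD_FLAGS" step mentioned in the quoted text could look like the sketch below. It is an added example, not code from this thread or from FreeBSD's rc.d scripts, and it assumes an rc script that reads an SSHD_FLAGS environment variable as discussed above; the function name `sanitize_sshd_flags` and the `ALLOWED_OPTS` policy are hypothetical.

```shell
#!/bin/sh
# Added example: allowlist filter for an environment-supplied SSHD_FLAGS.
# ALLOWED_OPTS is a constructed sample policy (keys lowercase), not from the thread.
ALLOWED_OPTS="x11forwarding=no allowtcpforwarding=no loglevel=VERBOSE"

# Print the validated flags and return 0; return 1 on the first refused word.
sanitize_sshd_flags() {
    _out=""
    set -f; set -- $1; set +f   # split on whitespace without globbing
    while [ $# -gt 0 ]; do
        case "$1" in
            -o)   [ $# -ge 2 ] || return 1   # "-o Key=Value" as two words
                  _opt=$2; shift 2 ;;
            -o?*) _opt=${1#-o}; shift ;;     # "-oKey=Value" as one word
            *)    return 1 ;;                # any other flag is refused
        esac
        case "$_opt" in *=*) ;; *) return 1 ;; esac
        # sshd keywords are case-insensitive, their arguments are not
        _key=$(printf '%s' "${_opt%%=*}" | tr '[:upper:]' '[:lower:]')
        _ok=0
        for _a in $ALLOWED_OPTS; do
            if [ "$_key=${_opt#*=}" = "$_a" ]; then _ok=1; fi
        done
        [ "$_ok" -eq 1 ] || return 1
        _out="${_out:+$_out }-o $_opt"
    done
    printf '%s\n' "$_out"
}

# Demo on the two flag strings that appear in the thread.
for _f in "-o X11Forwarding=no" "-o AllowRoot=yes"; do
    if _clean=$(sanitize_sshd_flags "$_f"); then
        echo "accept: $_clean"
    else
        echo "reject: $_f"
    fi
done
```

This only narrows which flags the environment can inject; an override that is accepted still changes the running sshd without a reboot, which is the second concern raised in the message.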


