Date: Sun, 19 Apr 1998 20:16:09 -0600 From: Wes Peters <softweyr@xmission.com> To: Marc Slemko <marcs@znep.com> Cc: Niall Smart <rotel@indigo.ie>, freebsd-security@FreeBSD.ORG Subject: Re: suid/sgid programs Message-ID: <353AAFE9.9D0A61FF@xmission.com> References: <Pine.BSF.3.95.980419094941.16057k-100000@alive.znep.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Marc Slemko wrote:
>
> On Sun, 19 Apr 1998, Niall Smart wrote:
> > I think the point he was making was that most users don't use UUCP, and
> > therefore we shouldn't be shipping UUCP related utilities with set[ug]id
> > bits. Presumably if you can configure UUCP you can use chmod.
>
> Erm... that is an extremely poor policy. Figuring out what needs to be
> setuid or setgid to what isn't trivial. I'm not sure what you are trying
> to save here. What is the real issue if someone compromises the user or
> group uucp? I guess that uucico, which is setgid to dialer, gives them
> something. If they compromise the uucp uid then they can mess with the
> uuucp binaries which someone may try to run sometime for some reason, but
> I really don't see how it is enough to warrant shipping broken programs.
It would probably be better to pull all of UUCP into a separate install
package, so users who don't use it could simply not install it. This
way, the install package could install all of the UUCP binaries with the
correct permissions, and users who don't need UUCP lower their suid/sgid
impact.
--
"Where am I, and what am I doing in this handbasket?"
Wes Peters Softweyr LLC
http://www.softweyr.com/~softweyr wes@softweyr.com
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?353AAFE9.9D0A61FF>