Date: Thu, 19 Jul 2007 00:20:06 GMT From: "Ighighi Ighighi" <ighighi@gmail.com> To: freebsd-ports-bugs@FreeBSD.org Subject: Re: ports/112754: VERY SERIOUS security bug in sysutils/eject Message-ID: <200707190020.l6J0K6DV009159@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR ports/112754; it has been noted by GNATS. From: "Ighighi Ighighi" <ighighi@gmail.com> To: "Cristian KLEIN" <cristi@net.utcluj.ro> Cc: bug-followup@freebsd.org Subject: Re: ports/112754: VERY SERIOUS security bug in sysutils/eject Date: Wed, 18 Jul 2007 20:01:30 -0400 The setuid bit isn't necessary... It's documented in the handbook how to setup /etc/devfs.conf. Most people use the "operator" group for this but you may as well create "media" $ grep acd0 /etc/devfs.conf link acd0 cdrom own acd0 root:media perm acd0 0660 So, if "cdcontrol -f /dev/acd0 eject" works, there's no need at all for setuid eject(8). IMO, it's bad practice to abuse such bits when permissions suffice. On 7/18/07, Cristian KLEIN <cristi@net.utcluj.ro> wrote: > Besides the change suggested by the reporter, I would also recommend the > following pkg-message: > > NOTE: This port is no longer installed with SETUID, because it allows > non-privileged users to unmount a filesystem. To enable your users to > eject the CD-ROM, install security/sudo and enter the following line in > /usr/local/etc/sudoers: > > %users ALL=/usr/local/sbin/eject /dev/acd0 > >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200707190020.l6J0K6DV009159>