Date: Sun, 19 Apr 1998 12:22:17 -0400 (EDT) From: "Jordyn A. Buchanan" <jordyn@bestweb.net> To: Marc Slemko <marcs@znep.com> Cc: Niall Smart <rotel@indigo.ie>, freebsd-security@FreeBSD.ORG Subject: Re: suid/sgid programs Message-ID: <Pine.BSF.3.96.980419121146.11460E-100000@miro.bestweb.net> In-Reply-To: <Pine.BSF.3.95.980419094941.16057k-100000@alive.znep.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 19 Apr 1998, Marc Slemko wrote: > On Sun, 19 Apr 1998, Niall Smart wrote: > > I think the point he was making was that most users don't use UUCP, and > > therefore we shouldn't be shipping UUCP related utilities with set[ug]id > > bits. Presumably if you can configure UUCP you can use chmod. > > Erm... that is an extremely poor policy. Figuring out what needs to be > setuid or setgid to what isn't trivial. I'm not sure what you are trying > to save here. What is the real issue if someone compromises the user or > group uucp? I guess that uucico, which is setgid to dialer, gives them > something. If they compromise the uucp uid then they can mess with the > uuucp binaries which someone may try to run sometime for some reason, but > I really don't see how it is enough to warrant shipping broken programs. I'm not going to answer most of the concerns above (Mr. Slemko is probably correct, the implications of getting uid uucp access aren't so profound, but perhaps the discussion should be returned to a more generic consideration of how to deal with the many setuid/setgid binaries in the FreeBSD distribution these days), but I will suggest that there is perhaps a middle ground. Why not ship rarely used sets of setuid/setgid binaries with the setXid bit off, but also include a script that allows an administrator to activate them? Such an approach doesn't require that the administrator have intimate details of what needs to be setuid or setgid, but it does require that he or she needs the functionality before scattering setuid binaries across the system. Jordyn |---------------------------------------------------------------| |Jordyn A. Buchanan jordyn@bestweb.net| |Bestweb Corporation http://www.bestweb.net| |Director of Technology +1.914.271.4500| |---------------------------------------------------------------| To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.980419121146.11460E-100000>