Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 4 Jun 2001 22:44:05 -0400
From:      Kevin Way <kevin.way@overtone.org>
To:        Kevin Way <kevin.way@overtone.org>
Cc:        wkb@freebie.demon.nl, hackers@freebsd.org
Subject:   Re: speeding up /etc/security
Message-ID:  <20010604224405.A43677@bean.overtone.org>
In-Reply-To: <20010604200828.A41130@bean.overtone.org>; from kevin.way@overtone.org on Mon, Jun 04, 2001 at 08:08:28PM -0400
References:  <p05100300b741879b7bc3@[192.168.168.205]> <Pine.LNX.4.21.0106041205070.3177-100000@zeppo.feral.com> <20010604211909.B1112@freebie.demon.nl> <20010604200828.A41130@bean.overtone.org>
next in thread | previous in thread | raw e-mail | index | archive | help 

--7AUc2qLy4jB3hD7Z
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

> The answer there is 'sort of'.  /etc/security checks all ufs partitions
> that aren't marked nosuid.  if you're using anything other than UFS
> (e.g. MFS,ext2,whatever), it's not getting checked at all.

i hate to followup to my own message, but in order for the SUID checks to
be accurate, is there a reson we don't do something like the following?

--- security.orig	Mon Jun  4 22:26:01 2001
+++ security    Mon Jun  4 22:31:47 2001

@@ -69,7 +69,7 @@
 # Note that one of the original problems, the possibility of overrunning
 # the args to ls, is still here...
 #
-MP=`mount -t ufs | grep -v " nosuid" | awk '{ print $3 }' | sort`
+MP=`( mount -t cd9660; mount -t ext2fs; mount -t ffs; mount -t ifs; mount -t lfs; mount -t mfs; mount -t ufs ) | grep -v ' nosuid' | awk '{ print $3 }' | sort` set ${MP}
 while [ $# -ge 1 ]; do
       mount=$1


	-Kevin Way

--7AUc2qLy4jB3hD7Z
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (FreeBSD)
Comment: For info see http://www.gnupg.org

iD8DBQE7HEd1KxA01iDoLN4RAtgvAKCB8IEZzjJ0NHKNMWEF0yHEYgFR1wCeLGy5
MuGf6b4UvcMMha1qz7HwpWQ=
=SYCQ
-----END PGP SIGNATURE-----

--7AUc2qLy4jB3hD7Z--

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010604224405.A43677>