Date:      Fri, 22 Jun 2012 22:04:47 -0400
From:      Jason Hellenthal <jhellenthal@dataix.net>
To:        freebsd-security@freebsd.org
Subject:   Re: / owned by bin causes sshd to complain bad ownership
Message-ID:  <20120623020447.GA64202@DataIX.net>
In-Reply-To: <20120622231140.GH8651@netmon.tcworks.net>
References:  <20120622155928.GA9983@DataIX.net> <201206221715.q5MHFPJW052099@fire.js.berklix.net> <20120622231140.GH8651@netmon.tcworks.net>



On Fri, Jun 22, 2012 at 06:11:40PM -0500, Scott Lambert wrote:
> On Fri, Jun 22, 2012 at 07:15:25PM +0200, Julian H. Stacey wrote:
> > Jason Hellenthal wrote:
> > > 
> > > On Fri, Jun 22, 2012 at 03:43:47PM +0200, Julian H. Stacey wrote:
> > > > Over use of Root seems Bad. 
> > > > Our ownership scheme has degraded compared to early 1980s Unix, where
> > > > 	most bin & lib files & dirs were owned by bin, except for
> > > > 		- a few SUID bins that Needed root
> > > > 		- occasional administrator droppings,
> > > > 		  temporary accidental files that glared at the eyeball,
> > > > 		  as root, cos near all else was just bin.
> > > > 
> > > > IMO very little in a system should be user root.
> > > > 
> > > > Apologies, but to guide replies :
> > > > 	(after threads burnt by a troll on another list)
> > > > 	I'd not appreciate replies just along the lines of
> > > > 		 "It has to be to satisfy existing software". 
> > > > 	I'd much rather receive replies along lines of 
> > > > 		"What would be best ownership scheme, advantages &
> > > > 		 disadvantages + should we change anything ?"
> > > > 
> > > 
> > > It is not really clear why you would want to change the permissions of
> > > root:wheel of / on any of these. 
> > 
> > To Increase security.
> > 	More visual prompting of when junior admins blunder & create
> > 	junk as root
> > 	A SUID with bin has less power than a SUID with uid=root
> > 	Currently every binary in the system is one bit away from the jackpot,
> > 	SUID root, why not convert most binaries to uid=bin, then most binaries
> > 	are 2 bits away from jackpot, more safety in event of a blunder too.
> > 
> > > root is the owner of the system ... it
> > 
> > Only because it currently is, & you're used to it ;-)
> > Remember back a few decades, Think more deeply, Why do you think it
> > _needs_ to be ? Unix didn't used to Want that, it was usually a blunder when
> > it occurred.
> > 
> > 	look at /etc/passwd
> > 		root: entry has the shell,
> > 		bin: entry is more limited, just has /sbin/nologin
> 
> Would not a 0:0 / (or all system directory entries) help limit the
> damage possible if a junior admin sets suid on a random, possibly
> bogus, bin:bin binary?
>  

Let's not forget here that some SUID binaries need root:0 access to the
system ... those that are accessing master.passwd for instance. Or those
that drop privs to nobody after using root access. Are you bound and
determined as an admin that you will ultimately seek out and set those
separate from what you want the system to have?

Mandatory Access Controls are much better suited for the problem you are
trying to solve rather than changing security principles in an
unforgiving manner.

-- 

 - (2^(N-1))
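
An added example, not part of the original message or thread: a small audit that lists set-uid files under a tree, records which uid each one would run as, and flags containing directories that are group/other-writable or owned by a uid outside a trusted set, which is the ownership question the thread is debating. The function names, the `trusted_uids` parameter and the sample tree are assumptions made for this illustration.

```python
import os
import stat
import tempfile

def ancestors(path, stop):
    """Yield each directory from path's parent up to and including stop."""
    d, stop = os.path.dirname(os.path.abspath(path)), os.path.abspath(stop)
    while True:
        yield d
        if d == stop or d == os.path.dirname(d):
            return
        d = os.path.dirname(d)

def audit_setuid(root, trusted_uids=(0,)):
    """List set-uid regular files under root with owner and path weaknesses."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)  # lstat: do not follow symlinks to other files
            if not stat.S_ISREG(st.st_mode) or not st.st_mode & stat.S_ISUID:
                continue
            issues = []
            if st.st_mode & 0o022:
                issues.append("file writable by group/other")
            for d in ancestors(path, root):
                ds = os.stat(d)
                if ds.st_uid not in trusted_uids:
                    issues.append(f"{d}: owner uid {ds.st_uid} not trusted")
                if ds.st_mode & 0o022:
                    issues.append(f"{d}: writable by group/other")
            findings.append({"path": path, "owner": st.st_uid,
                             "runs_as_root": st.st_uid == 0, "issues": issues})
    return findings

if __name__ == "__main__":
    # Constructed sample tree: one set-uid file, one ordinary file.
    with tempfile.TemporaryDirectory() as top:
        bindir = os.path.join(top, "bin")
        os.mkdir(bindir)
        for name, mode in (("tool", 0o4755), ("plain", 0o755)):
            p = os.path.join(bindir, name)
            open(p, "w").close()
            os.chmod(p, mode)
        os.chmod(bindir, 0o775)  # group-writable directory: should be flagged
        for f in audit_setuid(top, trusted_uids=(0, os.getuid())):
            print(f["path"], "owner", f["owner"], f["issues"])
```
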


