From: Kris Kennaway
To: Brian Somers
Cc: Matt Dillon, cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
Date: Sun, 9 Sep 2001 01:48:59 -0700
Subject: Re: cvs commit: src/usr.bin/tip/tip Makefile src/gnu/libexec/uucp/cu Makefile src/gnu/libexec/uucp/uucp Makefile src/gnu/libexec/uucp/uuname Makefile src/gnu/libexec/uucp/uustat Makefile src/gnu/libexec/uucp/uux Makefile
Message-ID: <20010909014859.B49467@xor.obsecurity.org>
In-Reply-To: <200109090839.f898dJJ14239@hak.lan.Awfulhak.org>

On Sun, Sep 09, 2001 at 09:39:19AM +0100, Brian Somers wrote:
> > dillon      2001/09/08 21:54:10 PDT
> >
> >   Modified files:
> >     usr.bin/tip/tip          Makefile
> >     gnu/libexec/uucp/cu      Makefile
> >     gnu/libexec/uucp/uucp    Makefile
> >     gnu/libexec/uucp/uuname  Makefile
> >     gnu/libexec/uucp/uustat  Makefile
> >     gnu/libexec/uucp/uux     Makefile
> >   Log:
> >   Make sure that all non-root-owned binaries in standard system
> >   paths are chflagged 'schg' to prevent exploit vectors when run
> >   by cron, by a root user, or by a user other than the one owning the
> >   binary.  This applies to most of the uucp binaries, cu, tip, and
> >   man (man was already installed properly).
> >
> >   MFC will occur when approved.
> >
> >   Revision  Changes    Path
> >   1.12      +2 -1      src/usr.bin/tip/tip/Makefile
> >   1.9       +2 -1      src/gnu/libexec/uucp/cu/Makefile
> >   1.7       +2 -1      src/gnu/libexec/uucp/uucp/Makefile
> >   1.6       +2 -2      src/gnu/libexec/uucp/uuname/Makefile
> >   1.6       +2 -1      src/gnu/libexec/uucp/uustat/Makefile
> >   1.7       +2 -1      src/gnu/libexec/uucp/uux/Makefile
>
> Why are you doing this?  You need to protect the parent directories
> if you hope to protect the contents.
>
> This just prevents foot-shooting.

No, there's an exploit in most of these binaries giving uid uucp access.
Since these binaries are owned by uucp, that would let arbitrary users
replace the binaries with their own contents.  That's called a "trojan" :)

Kris
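The audit below is an added example and is not code from the FreeBSD commit or from anyone in this thread. It covers both points raised: the commit's condition (a binary in a system path that is owned by a non-root user and not chflagged schg, so a compromise of that user lets the binary be replaced) and Brian's condition (a parent directory that is group- or other-writable and not itself immutable). It parses the output of FreeBSD's `ls -lo`, whose fifth column shows the file flags (`-` when none). The listing embedded here is constructed for the example; the paths, owners and sizes are illustrative, not taken from any real system.

```shell
#!/bin/sh
# Added example, not part of the FreeBSD commit or the mail thread.
# Audits `ls -lo` output (FreeBSD: -o prints the file-flags column) for:
#   1. a regular file not owned by root and not chflags'd schg, and
#   2. a directory writable by group or other that is not schg, so its
#      entries could be renamed or replaced even if the files are immutable.
# Only schg (system immutable) counts: uchg can be cleared by the owner,
# which is exactly the uid the attacker has in the thread's scenario.
# Field layout of `ls -lo`: mode links owner group flags size mon day time name

# Constructed sample listing (illustrative paths, owners and sizes).
SAMPLE_LISTING='-r-sr-xr-x  1 uucp  uucp   schg   86412 Sep  8 21:54 /usr/bin/cu
-r-sr-xr-x  1 uucp  uucp   -      92016 Sep  8 21:54 /usr/bin/uucp
-r-sr-xr-x  1 uucp  dialer -      45000 Sep  8 21:54 /usr/bin/tip
-r-xr-xr-x  1 root  wheel  -      12000 Sep  8 21:54 /bin/ls
-r-sr-xr-x  1 man   wheel  schg   30000 Sep  8 21:54 /usr/bin/man
drwxr-xr-x  2 root  wheel  -        512 Sep  8 21:54 /usr/bin
drwxrwxr-x  2 uucp  uucp   -        512 Sep  8 21:54 /usr/libexec/uucp
drwxrwxr-x  2 root  wheel  schg     512 Sep  8 21:54 /usr/local/sbin'

# audit_listing: read `ls -lo` lines on stdin, print one finding per line.
audit_listing() {
    awk '
    NF < 10 { next }                       # skip "total" lines and blanks
    {
        mode = $1; owner = $3; flags = $5; path = $NF
        is_dir = (substr(mode, 1, 1) == "d")
        immutable = (flags ~ /schg/)
        # group write bit is character 6 of the mode string, other write is 9
        writable = (substr(mode, 6, 1) == "w" || substr(mode, 9, 1) == "w")
        if (!is_dir && owner != "root" && !immutable)
            printf "BINARY %s owner=%s flags=%s\n", path, owner, flags
        else if (is_dir && writable && !immutable)
            printf "DIR %s mode=%s owner=%s\n", path, mode, owner
    }'
}

# count_findings: number of findings in the sample; a cron job can mail
# when this is non-zero.
count_findings() {
    printf '%s\n' "$SAMPLE_LISTING" | audit_listing | wc -l | tr -d ' '
}

# Demonstration run over the constructed listing.
printf '%s\n' "$SAMPLE_LISTING" | audit_listing
```

On a live FreeBSD box the same function runs over real data with `ls -lod /usr/bin/* /usr/libexec/uucp /usr/libexec/uucp/* | audit_listing`; each BINARY finding is fixed with `chflags schg` on the file, and once `kern.securelevel` is 1 or higher the flag cannot be cleared even by root. The listing format is FreeBSD-specific: Linux keeps immutability in `lsattr` output rather than in `ls`, so this parser does not apply there.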