Date: Sat, 23 Jan 1999 13:26:13 +0100
From: The Unicorn <unicorn@unicorn.xs4all.nl>
To: Robert Watson <robert+freebsd@cyrus.watson.org>, cjclark@home.com
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: bin Directory Ownership
Message-ID: <19990123132613.A21293@unicorn.quux.org>
In-Reply-To: <Pine.BSF.3.96.990123055843.17775A-100000@fledge.watson.org>; from Robert Watson on Sat, Jan 23, 1999 at 06:01:40AM -0500
References: <199901230414.XAA02392@cc942873-a.ewndsr1.nj.home.com> <Pine.BSF.3.96.990123055843.17775A-100000@fledge.watson.org>

On Sat, Jan 23, 1999 at 06:01:40AM -0500, Robert Watson wrote:
>
> You are correct--there is no security improvement through the use of the
> bin user. However, it is also the case that (aside from false assumptions
> about some improvement) security is probably not damaged by having a bin
> user. I am in the process of some research analyzing the impact of file
> and directory ownership affecting the UNIX trust model (especially w.r.t.
> setuid and setgid binaries). I will post the results when I finish up
> (probably in a month or so). Access to the bin account is very limited;
> effectively, to acquire a uid bin process capable of modifying the
> binaries, you would first have to have a uid root process that you had
> subverted.
This is not always the case. Have a look at the old but still valid
paper from Wietse and Dan: "admin-guide-to-cracking-101" also known as
"Improving the Security of Your Site by Breaking Into it". Especially
the part on the use of rsh and the wildcard in the /etc/hosts.equiv file
(yeah, I know that allowing the r-commands is a BIG NO-NO ;-).
> Robert N Watson
---end quoted text---
Ciao,
Unicorn.
--
======= _ __,;;;/ TimeWaster ================================================
,;( )_, )~\| A Truly Wise Man Never Plays PGP: 64 07 5D 4C 3F 81 22 73
;; // `--; Leapfrog With A Unicorn... 52 9D 87 08 51 AA 35 F0
==='= ;\ = | ==== Youth is not a time in Life, It is a State of Mind! =======
