From owner-freebsd-security  Sat Jan 23 04:32:47 1999
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id EAA26222
          for freebsd-security-outgoing; Sat, 23 Jan 1999 04:32:47 -0800 (PST)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from smtp1.xs4all.nl (smtp1.xs4all.nl [194.109.6.51])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id EAA26216
          for <freebsd-security@FreeBSD.ORG>; Sat, 23 Jan 1999 04:32:42 -0800 (PST)
          (envelope-from unicorn@unicorn.xs4all.nl)
Received: from unicorn.xs4all.nl (1001@unicorn.xs4all.nl [194.109.83.155])
	by smtp1.xs4all.nl (8.8.8/8.8.8) with ESMTP id NAA17810;
	Sat, 23 Jan 1999 13:32:26 +0100 (CET)
Received: (from unicorn@localhost)
	by unicorn.xs4all.nl (8.8.8/8.8.8) id NAA21827;
	Sat, 23 Jan 1999 13:26:13 +0100 (CET)
	(envelope-from unicorn)
Message-ID: <19990123132613.A21293@unicorn.quux.org>
Date: Sat, 23 Jan 1999 13:26:13 +0100
From: The Unicorn <unicorn@unicorn.xs4all.nl>
To: Robert Watson <robert+freebsd@cyrus.watson.org>, cjclark@home.com
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: bin Directory Ownership
References: <199901230414.XAA02392@cc942873-a.ewndsr1.nj.home.com> <Pine.BSF.3.96.990123055843.17775A-100000@fledge.watson.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.93.2i
In-Reply-To: <Pine.BSF.3.96.990123055843.17775A-100000@fledge.watson.org>; from Robert Watson on Sat, Jan 23, 1999 at 06:01:40AM -0500
X-GSM: +31 XXX XXX XXX
X-Files: The Truth Is Out There!
X-RSAkey: http://keys.pgp.com:11371/pks/lookup?op=get&search=0x0A7B84E7
X-DSSkey: http://keys.pgp.com:11371/pks/lookup?op=get&search=0x0BBF4902
X-Copyright-0: Portions of this message may be subject to copyright.
X-Copyright-1: (c)1994-1998 Hans "Unicorn" Van de Looy.
X-Disclaimer-0: Comments contained do not necessarily represent
X-Disclaimer-1: those of my current employer.
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Sat, Jan 23, 1999 at 06:01:40AM -0500, Robert Watson wrote:
> 
> You are correct--there is no security improvement through the use of the
> bin user.  However, it is also the case that (aside from false assumptions
> about some improvement) security is probably not damaged by having a bin
> user.  I am in the process of some research analyzing the impact of file
> and directory ownership affecting the UNIX trust model (especially w.r.t.
> setuid and setgid binaries).  I will post the results when I finish up
> (probably in a month or so).  Access to the bin account is very limited;
> effectively, to acquire a uid bin process capable of modifying the
> binaries, you would first have to have a uid root process that you had
> subverted.

This is  not always the  case. Have  a look at  the old but  still valid
paper from  Wietse and Dan: "admin-guide-to-cracking-101"  also known as
"Improving the  Security of Your  Site by Breaking Into  it". Especially
the part on the use of rsh and the wildcard in the /etc/hosts.equiv file
(yeah, I know that allowing the r-commands is a BIG NO-NO ;-).

>   Robert N Watson

---end quoted text---

Ciao,
Unicorn.
-- 
======= _ __,;;;/ TimeWaster ================================================
     ,;( )_, )~\| A Truly Wise Man Never Plays   PGP: 64 07 5D 4C 3F 81 22 73
    ;; //  `--;     Leapfrog With A Unicorn...        52 9D 87 08 51 AA 35 F0
==='= ;\ = | ==== Youth is not a time in Life, It is a State of Mind! =======


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message