Date: Thu, 2 Apr 1998 09:57:13 -0500 (EST)
From: Robert Watson
To: Anton Voronin
cc: Alfred Perlstein, freebsd-security@FreeBSD.ORG
Subject: Re: Is there a safe way for filesystem export?

On Thu, 2 Apr 1998, Anton Voronin wrote:

> > I'd suggest -maproot=nobody
> > also, make whatever dirs readonly if possible and nosuid where applicable.
>
> Unfortunately, mapping root to nobody is impossible while xdm writes into
> .Xauthority in users' home directories and dirs like authdir or xkb.compiled.
> I'm afraid this topic is out of this mailing list, but would appreciate any
> advice on how to avoid the need of mapping root to root.

Anton,

I have never experienced the problem you describe -- I ran for a long time
last summer on a FreeBSD 2.2.1 (or was it .2?) with XFree86 and xdm running,
and my home directory mounted from a Solaris file server where NFS-root was
mapped to nobody. In the version of xdm I am currently running (patched for
Krb4), the call to SetUserAuthorization is definitely after the setting of
credentials on the child process.

Robert N Watson

----
Carnegie Mellon University    http://www.cmu.edu/
Trusted Information Systems   http://www.tis.com/
SafePort Network Services     http://www.safeport.com/
robert@fledge.watson.org      http://www.watson.org/~robert/