From: Dag-Erling Smørgrav
To: Garance A Drosehn
Cc: freebsd-security@FreeBSD.org, "Julian H. Stacey"
Subject: Re: / owned by bin causes sshd to complain bad ownership
Date: Sat, 23 Jun 2012 17:35:45 +0200
Message-ID: <86r4t6yram.fsf@ds4.des.no>
In-Reply-To: <4FE4B57C.1040701@FreeBSD.org> (Garance A. Drosehn's message of "Fri, 22 Jun 2012 14:12:12 -0400")

Garance A Drosehn writes:
> At one time I read that having directories/files owned by root was a
> security benefit when considering the -maproot= for NFS exports.
> All unix systems recognize UID=0 means root, and there is no other
> UID which all unix systems agree on.  Disclaimer: I rarely use NFS,
> so I don't really pay attention to the details.  I may have the wrong
> idea for what the advantage is, but it was some kind of connection
> with UID=0 and NFS exports or imports.

-maproot=foo means that requests coming from root on the client are
treated as if they came from the user "foo" instead.  If binaries are
owned by bin, root on the client can su to bin and modify them.  If they
are owned by root and the server maps root to an unprivileged user
(e.g. "nobody"), root on the client can't touch them.

DES
-- 
Dag-Erling Smørgrav - des@des.no
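
An added example, not part of the original message: a Python audit of an exported tree that lists what a client root could still modify when the server remaps root with -maproot. It assumes AUTH_SYS credentials (the server trusts the uid/gid the client sends); the function names are hypothetical, and the group- and world-writable checks go beyond the ownership case described above.

```python
import os
import stat
import sys


def squash_bypass_reason(st_uid, st_mode):
    """Why a client root remapped by -maproot could still alter this inode.

    Assumption: AUTH_SYS, where only requests arriving as uid 0 are remapped
    and every other client-supplied uid/gid is taken at face value.
    """
    if stat.S_ISLNK(st_mode):
        return None  # symlink mode bits are not enforced; the parent dir decides
    if st_uid != 0:
        return "owned by uid %d, which client root can su to" % st_uid
    if st_mode & stat.S_IWOTH:
        return "root-owned but world-writable"
    if st_mode & stat.S_IWGRP:
        return "root-owned but group-writable"
    return None


def audit_export(top, lstat=os.lstat):
    """Walk an exported tree and return [(path, reason)] for each exposed inode."""
    findings = []
    for dirpath, _dirnames, filenames in os.walk(top):
        # Check the directory too: write access to it allows replacing entries.
        for path in [dirpath] + [os.path.join(dirpath, f) for f in filenames]:
            st = lstat(path)
            reason = squash_bypass_reason(st.st_uid, st.st_mode)
            if reason:
                findings.append((path, reason))
    return findings


if __name__ == "__main__":
    # Usage: run on the NFS server against the exported directory.
    for path, reason in audit_export(sys.argv[1] if len(sys.argv) > 1 else "."):
        print("%s: %s" % (path, reason))
```

An empty result means every file and directory under the export is owned by root and writable only by its owner, which is the layout the reply describes as safe under -maproot.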