From owner-freebsd-security Thu Jul 18 05:16:59 1996 Return-Path: owner-security Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id FAA14804 for security-outgoing; Thu, 18 Jul 1996 05:16:59 -0700 (PDT) Received: from kdat.calpoly.edu (kdat.csc.calpoly.edu [129.65.54.101]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id FAA14799 for ; Thu, 18 Jul 1996 05:16:57 -0700 (PDT) Received: (from nlawson@localhost) by kdat.calpoly.edu (8.6.12/N8) id FAA00973; Thu, 18 Jul 1996 05:16:54 -0700 From: Nathan Lawson Message-Id: <199607181216.FAA00973@kdat.calpoly.edu> Subject: Re: suidness of /usr/bin/login To: taob@io.org (Brian Tao) Date: Thu, 18 Jul 1996 05:16:54 -0700 (PDT) Cc: freebsd-security@freebsd.org In-Reply-To: from "Brian Tao" at Jul 16, 96 00:37:14 am X-Mailer: ELM [version 2.4 PL23] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-security@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > On 16 Jul 1996, Michael Graff wrote: > > > > you can always use ``login foo'' and that is supposed to let someone else > > log in, kinda in mid session and all. > > Hmmm... that's hardly ever done, at least around here. "exec > telnet localhost" would serve the same purpose, I guess. I run all my systems with login mode 500. I also keep su group wheel, but not world executable. My justification for this is that there should only be one legitimate way into the system (telnet/login), making it easier to monitor that one door. I see no reason to leave shell users with any method of switching to another account without reauthenticating themselves. Please note that this policy is used for my ISP's, and yours may vary according to your application. -- Nate Lawson "There are a thousand hacking at the branches of CPE Senior evil to one who is striking at the root." CSL Admin -- Henry David Thoreau, 'Walden', 1854