Date: Sun, 9 Sep 2001 18:07:52 +1000 (EST) From: Bruce Evans <bde@zeta.org.au> To: Matt Dillon <dillon@earth.backplane.com> Cc: Mike Tancsa <mike@sentex.net>, <security@FreeBSD.ORG> Subject: Re: Fwd: Multiple vendor 'Taylor UUCP' problems. Message-ID: <20010909174638.Q3607-100000@alphplex.bde.org> In-Reply-To: <200109082045.f88KjjK29003@earth.backplane.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 8 Sep 2001, Matt Dillon wrote:
> We should probably chflags all binaries that are not owned by root
> but might be run by root 'schg'. At the very least. That's in
> addition to any fix of the problem. These binaries really have got
> to be set 'schg'.
>
> -r-sr-sr-x 1 uucp dialer 123888 Jul 23 22:22 cu
> -r-sr-xr-x 1 man wheel 28512 Jul 23 22:22 man
> -r-xr-xr-x 1 uucp dialer 38340 Jul 23 22:24 tip
^^^
> -r-sr-xr-x 1 uucp wheel 88228 Jul 23 22:22 uucp
> -r-sr-xr-x 1 uucp wheel 37312 Jul 23 22:22 uuname
> -r-sr-sr-x 1 uucp dialer 96752 Jul 23 22:22 uustat
> -r-sr-xr-x 1 uucp wheel 88844 Jul 23 22:22 uux
>
> chflags schg /usr/bin/{cu,man,tip,uucp,uuname,uustat,uux}
tip isn't one of these. It has bogus ownership in case the BINMODE in
its Makefile is uncommented.
I don't see how schg'ing these binaries makes them significantly more
secure. These binaries are not writable by uucp. They are writable
by root, but root can just as easily un-schg them as write them.
If schg'ing these binaries somhow helps, then it is probably also needed
for:
-r-sr-sr-x 1 uucp dialer - 550956 Aug 21 09:38 /usr/libexec/uucp/uucico
-r-sr-s--- 1 uucp uucp - 425944 Aug 21 09:38 /usr/libexec/uucp/uuxqt
Bruce
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010909174638.Q3607-100000>