Date: Sat, 23 Jan 1999 10:51:27 -0500 (EST)
From: "Crist J. Clark" <cjc@cc942873-a.ewndsr1.nj.home.com>
To: robert+freebsd@cyrus.watson.org
Cc: cjclark@home.com, freebsd-security@FreeBSD.ORG
Subject: Re: bin Directory Ownership
Message-ID: <199901231551.KAA05725@cc942873-a.ewndsr1.nj.home.com>
In-Reply-To: <Pine.BSF.3.96.990123055843.17775A-100000@fledge.watson.org> from Robert Watson at "Jan 23, 99 06:01:40 am"

Robert Watson wrote,
> Access to the bin account is very limited;
> effectively, to acquire a uid bin process capable of modifying the
> binaries, you would first have to have a uid root process that you had
> subverted.

I realize that, but the argument goes that if someone /did/ access root, he could give himself long-term access to bin and possibly other administrative users. Since the actions of these other administrative users are not as tightly watched as root (e.g. no syslog message when you su to one), it might be possible to maintain access for a long time (even if the original way he accessed root had been closed).

BTW, I am running a 2.2.*, 2.2.7.
--
Crist J. Clark                           cjclark@home.com
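
The concern raised in the message above is that bin or another administrative account could be left usable after a root compromise. The audit below is an added example, not part of the original message or of FreeBSD: it lists non-root system accounts in a master.passwd-format file that have a password set or a login shell. The function names, the uid cutoff of 1000, the non-login shell patterns and the sample lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# master.passwd fields: name:password:uid:gid:class:change:expire:gecos:home:shell

# audit_system_accounts FILE [MAX_UID]
# Prints "name<TAB>reason" for every account with 0 < uid < MAX_UID that has
# a usable password field or a shell other than a known non-login shell.
audit_system_accounts() {
    awk -F: -v max="${2:-1000}" '
        /^#/ || NF < 10 { next }          # skip comments and malformed lines
        $3 == 0 || $3 >= max { next }     # root and ordinary users are out of scope
        {
            reason = ""
            # A field starting with "*" cannot match any typed password.
            if ($2 == "")         reason = "empty-password"
            else if ($2 !~ /^\*/) reason = "password-set"
            # An empty shell field means the default shell, so it is flagged too.
            if ($10 !~ /(nologin|\/nonexistent)$/)
                reason = reason (reason ? "," : "") "login-shell=" $10
            if (reason != "") print $1 "\t" reason
        }' "$1"
}

# Constructed sample data (hashes are placeholders, not real values).
sample_master_passwd() {
    cat <<'EOF'
root:$1$constructed$placeholder:0:0::0:0:Charlie &:/root:/bin/csh
daemon:*:1:1::0:0:Owner of many system processes:/root:/sbin/nologin
operator:*:2:5::0:0:System &:/:/sbin/nologin
bin:$1$constructed$placeholder:3:7::0:0:Binaries Commands and Source:/:/bin/sh
games:*:7:13::0:0:Games pseudo-user:/usr/games:/bin/sh
alice:$1$constructed$placeholder:1001:1001::0:0:Alice:/home/alice:/bin/sh
EOF
}

# Run the audit over the sample; "-" makes awk read standard input.
sample_master_passwd | audit_system_accounts -
```

On a live system the first argument would be /etc/master.passwd, read as root. Service accounts that legitimately carry a program as their shell will be listed and need to be reviewed by hand.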