Date: Sat, 23 Jan 1999 10:51:27 -0500 (EST) From: "Crist J. Clark" <cjc@cc942873-a.ewndsr1.nj.home.com> To: robert+freebsd@cyrus.watson.org Cc: cjclark@home.com, freebsd-security@FreeBSD.ORG Subject: Re: bin Directory Ownership Message-ID: <199901231551.KAA05725@cc942873-a.ewndsr1.nj.home.com> In-Reply-To: <Pine.BSF.3.96.990123055843.17775A-100000@fledge.watson.org> from Robert Watson at "Jan 23, 99 06:01:40 am"
index | next in thread | previous in thread | raw e-mail
Robert Watson wrote, > Access to the bin account is very limited; > effectively, to acquire a uid bin process capable of modifying the > binaries, you would first have to have a uid root process that you had > subverted. I realize that, but the argument goes that if someone /did/ access root, he could give himself long-term access to bin and possibly other administrative users. Since the actions of these other administrative users are not as tightly watched as root (e.g. no syslog message when you su to one), it might be possible to maintain access for a long time (even if the original way he accessed root had been closed). BTW, I am running a 2.2.*, 2.2.7. -- Crist J. Clark cjclark@home.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the messagehome | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199901231551.KAA05725>