Date: Mon, 28 Jul 1997 15:01:53 -0700 (PDT) From: Vincent Poy <vince@mail.MCESTATE.COM> To: Adam Shostack <adam@homeport.org> Cc: langfod@dihelix.com, security@FreeBSD.ORG, mario1@PrimeNet.Com, johnnyu@accessus.net Subject: Re: security hole in FreeBSD Message-ID: <Pine.BSF.3.95.970728150126.3844H-100000@mail.MCESTATE.COM> In-Reply-To: <199707282004.QAA07078@homeport.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 28 Jul 1997, Adam Shostack wrote: =)Vincent Poy wrote: =)| =)My suggestion to you would be to get a clean source tree, recompile everything =)| =)and install tripwire. =)| =)| I'll do that as soon as the machine comes back up. I heard that =)| suid programs can be a problem too but which ones are required to be suid? =) =) =) su really should be setuid. Everything else is debatable. My =)advice is to turn off all setuid bits except those you know you need =)(possibly w, who, ps, ping, at, passwd) Isn't traceroute supposed to be suid also? Cheers, Vince - vince@MCESTATE.COM - vince@GAIANET.NET ________ __ ____ Unix Networking Operations - FreeBSD-Real Unix for Free / / / / | / |[__ ] GaiaNet Corporation - M & C Estate / / / / | / | __] ] Beverly Hills, California USA 90210 / / / / / |/ / | __] ] HongKong Stars/Gravis UltraSound Mailing Lists Admin /_/_/_/_/|___/|_|[____]
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.95.970728150126.3844H-100000>