From owner-freebsd-security Wed Nov 15 13:11:12 2000 Delivered-To: freebsd-security@freebsd.org Received: from citusc17.usc.edu (citusc17.usc.edu [128.125.38.177]) by hub.freebsd.org (Postfix) with ESMTP id 81FCC37B4FE; Wed, 15 Nov 2000 13:11:07 -0800 (PST) Received: (from kris@localhost) by citusc17.usc.edu (8.11.1/8.11.1) id eAFLCQ521776; Wed, 15 Nov 2000 13:12:26 -0800 (PST) (envelope-from kris) Date: Wed, 15 Nov 2000 13:12:26 -0800 From: Kris Kennaway To: Kris Kennaway Cc: Rossen Raykov , security@FreeBSD.ORG Subject: Re: problem using sysinstall Message-ID: <20001115131226.A21677@citusc17.usc.edu> References: <003f01c04f3e$3c77e170$4c00000a@sage> <20001115125148.A21232@citusc17.usc.edu> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="IJpNTDwzlM2Ie8A6" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20001115125148.A21232@citusc17.usc.edu>; from kris@FreeBSD.ORG on Wed, Nov 15, 2000 at 12:51:48PM -0800 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org --IJpNTDwzlM2Ie8A6 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Nov 15, 2000 at 12:51:48PM -0800, Kris Kennaway wrote: > On Wed, Nov 15, 2000 at 02:57:08PM -0500, Rossen Raykov wrote: >=20 > > My question is : is it normal to achieve such a results after this acti= on? > > Is the sysinstall behavior correct? Why there ware no warnings about ch= anges > > in /etc/passwd? > > Is it normal the behavior on toor alias? >=20 > Installing the bin distribution overwrites /etc (along with > overwriting all other parts of the base system, like you asked it to). >=20 > Live remote upgrades of a running system like this are dangerous for > that reason. I did think sysinstall prompted for a root password, > though. Even so, since you're installing on a multi-user system with I overlooked the fact that your ssh connection was disconnected before the upgrade finished - I assume this explains why you weren't prompted, since systinstall was terminated when you disconnected. However my previous note about the race condition still stands. There's not much which can be done about this - basically, you should be only doing OS upgrade work on a single-user box via the console or serial console. Kris P.S. Why are you allowing remote root logins, anyway? --IJpNTDwzlM2Ie8A6 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjoS/DoACgkQWry0BWjoQKUt/QCfVKweHoN8kMPR/CpxWALRpKP2 HHgAoOXaD467O0woTVkMgq5iAOOBG+nJ =18jm -----END PGP SIGNATURE----- --IJpNTDwzlM2Ie8A6-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message