Date: Sun, 19 Apr 1998 12:53:11 -0400 (EDT) From: Open Systems Networking <opsys@mail.webspan.net> To: "Jordyn A. Buchanan" <jordyn@bestweb.net> Cc: Marc Slemko <marcs@znep.com>, Niall Smart <rotel@indigo.ie>, freebsd-security@FreeBSD.ORG Subject: Re: suid/sgid programs Message-ID: <Pine.BSF.3.95.980419123720.19152A-100000@orion.webspan.net> In-Reply-To: <Pine.BSF.3.96.980419121146.11460E-100000@miro.bestweb.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 19 Apr 1998, Jordyn A. Buchanan wrote:
> On Sun, 19 Apr 1998, Marc Slemko wrote:
>
> a middle ground. Why not ship rarely used sets of setuid/setgid binaries
> with the setXid bit off, but also include a script that allows an
> administrator to activate them? Such an approach doesn't require that the
> administrator have intimate details of what needs to be setuid or setgid,
> but it does require that he or she needs the functionality before
> scattering setuid binaries across the system.
I've seen this thread go on now, and to be quite honest if you want
security you can't do a half baked approach of scripts and bits and
what not. If you want a secure FreeBSD your going to have to redesign it.
To make at least C2 orange book ratings. For your claims of it being
secure to carry any weight with anyone. I mean if NT can get away with its
C2 joke rating surely you can hammer out an actually C2 rated version of
FreeBSD. There was a mailing list setup for a BSD-C2-audit but it died.
FreeBSD is insecure by design. It's mulituser, has no trust models, etc..
I can see people wanting to strip off as much setuid stuff as possible but
like I said I think thats kinda half baked. If you want SECURE FreeBSD
there needs to be a FreeBSD/C2 project. At least IMO anyway. Otherwise you
just keep going the way linux and FreeBSD are, fix stuff new release new
exploits,fix stuff, new exploits etc.. True C2 rating wont fix everything
but it sure makes it a hell of a lot harder for ankle biters to exploit.
I would REALLY love to see a C2 FreeBSD project. Now THAT would be a
killer selling point
Chris
--
"I am closed minded. It keeps the rain out."
===================================| Open Systems Networking And Consulting.
FreeBSD 2.2.6 is available now! | Phone: 316-326-6800
-----------------------------------| 1402 N. Washington, Wellington, KS-67152
FreeBSD: The power to serve! | E-Mail: opsys@open-systems.net
http://www.freebsd.org | Consulting-Network Engineering-Security
===================================| http://open-systems.net
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.2
mQENAzPemUsAAAEH/06iF0BU8pMtdLJrxp/lLk3vg9QJCHajsd25gYtR8X1Px1Te
gWU0C4EwMh4seDIgK9bzFmjjlZOEgS9zEgia28xDgeluQjuuMyUFJ58MzRlC2ONC
foYIZsFyIqdjEOCBdfhH5bmgB5/+L5bjDK6lNdqD8OAhtC4Xnc1UxAKq3oUgVD/Z
d5UJXU2xm+f08WwGZIUcbGcaonRC/6Z/5o8YpLVBpcFeLtKW5WwGhEMxl9WDZ3Kb
NZH6bx15WiB2Q/gZQib3ZXhe1xEgRP+p6BnvF364I/To9kMduHpJKU97PH3dU7Mv
CXk2NG3rtOgLTEwLyvtBPqLnbx35E0JnZc0k5YkABRO0JU9wZW4gU3lzdGVtcyA8
b3BzeXNAb3Blbi1zeXN0ZW1zLm5ldD4=
=BBjp
-----END PGP PUBLIC KEY BLOCK-----
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.95.980419123720.19152A-100000>