Date: Thu, 3 Feb 2000 09:29:44 -0800 From: Alfred Perlstein <bright@wintelcom.net> To: Jonathon McKitrick <jcm@dogma.freebsd-uk.eu.org> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: security for non-root sysadmins Message-ID: <20000203092944.L25520@fw.wintelcom.net> In-Reply-To: <Pine.BSF.4.21.0002031540210.14099-100000@dogma.freebsd-uk.eu.org>; from jcm@dogma.freebsd-uk.eu.org on Thu, Feb 03, 2000 at 03:56:32PM %2B0000 References: <Pine.BSF.4.21.0002031540210.14099-100000@dogma.freebsd-uk.eu.org>
next in thread | previous in thread | raw e-mail | index | archive | help
* Jonathon McKitrick <jcm@dogma.freebsd-uk.eu.org> [000203 08:23] wrote: > > Okay, one thing i have learned here is to use a user account for as > much admin as possible. I use su to do the rest. I also read > somewhere that if i change the permissions on /usr/ports/distfiles and > one other directory (work?) i can make ports without being root. What > directory is that? Are there any other changes like these i can make > that will mean spending less time as root for admin tasks, like > building work or kernel? Is there a security risk in changing these > directory permissions to less strict settings? Yes, if you are too lax on your permissions all one needs to do is modify a file within your source/ports tree to have a trojan'd program installed when you do "make install/installworld" -Alfred To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000203092944.L25520>