From owner-freebsd-bugs Mon Mar 24 10:46:48 1997
Return-Path:
Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id KAA26466 for bugs-outgoing; Mon, 24 Mar 1997 10:46:48 -0800 (PST)
Received: from palrel3.hp.com (palrel3.hp.com [15.253.88.10]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id KAA26368 for ; Mon, 24 Mar 1997 10:45:30 -0800 (PST)
Received: from srmail.sr.hp.com (srmail.sr.hp.com [15.4.45.14]) by palrel3.hp.com with ESMTP (8.7.5/8.7.3) id KAA29210 for ; Mon, 24 Mar 1997 10:45:14 -0800 (PST)
Received: from hpnmhjw.sr.hp.com by srmail.sr.hp.com with ESMTP (1.37.109.16/15.5+ECS 3.3) id AA134139113; Mon, 24 Mar 1997 10:45:14 -0800
Received: from mina.sr.hp.com by hpnmhjw.sr.hp.com with SMTP (1.37.109.16/15.5+ECS 3.3) id AA243889113; Mon, 24 Mar 1997 10:45:13 -0800
Message-Id: <199703241845.AA243889113@hpnmhjw.sr.hp.com>
To: joerg_wunsch@uriah.heep.sax.de (Joerg Wunsch)
Cc: freebsd-bugs@freebsd.org
Subject: Re: sendmail can't create PID file because of owner permission of /var/run
Reply-To: darrylo@sr.hp.com
In-Reply-To: Your message of "Mon, 24 Mar 1997 08:09:50 +0100." <19970324080950.WP16275@uriah.heep.sax.de>
Date: Mon, 24 Mar 1997 10:45:13 -0800
From: Darryl Okahata
Sender: owner-bugs@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

Joerg Wunsch (joerg_wunsch@uriah.heep.sax.de) wrote:

> Since bin has no password (and no shell) on 99.9 % of the systems, you
> must be root before you can become bin anyway.  So what?  If the
> intruder is root already, assigning all the system binaries to root
> wouldn't help.

Scenario:

* Intruder breaks into system "A", and manages to become root.

* Intruder attempts to break into system "B", but is initially thwarted
  (no .rhosts, no hosts.equiv, no common passwords, etc.).

* However, system A mounts (via NFS) some of system B's directories.
  System B disallows root access via NFS (i.e., root uid == -2).

* Intruder becomes "bin" on system A, cd's to an NFS-mounted directory
  from system B, and replaces binary executables owned by bin with
  trojan horses.  Note that the trojans are being placed on system B,
  and not system A.

I'm sure you can guess the rest.

Keeping files and directories owned by root can make a system more
secure, as long as root access is disallowed via NFS (and group/other
write permission is taken away on files and directories).

--
Darryl Okahata
Internet: darrylo@sr.hp.com

DISCLAIMER: this message is the author's personal opinion and does not
constitute the support, opinion, or policy of Hewlett-Packard, or of the
little green men that have been following him all day.
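
An audit for the condition described in the message above, as an added example that is not part of the original post: run on the exporting server (system B in the scenario), it walks a tree and reports files and directories that are owned by a uid other than root or that carry group/other write permission. The function names, and the assumption that the server squashes only uid 0, are the example's own.

```python
import os
import stat
import sys

# Assumption (from the scenario above): the NFS server squashes uid 0 only,
# so root on a client can still act as any other uid or gid it chooses.
ROOT_ONLY = frozenset({0})


def nfs_exposure(st, trusted_uids=ROOT_ONLY):
    """Reasons a client-side root could modify this inode despite root squash."""
    reasons = []
    if st.st_uid not in trusted_uids:
        # The owner can always chmod/rewrite, whatever the current mode bits say.
        reasons.append(f"owner uid {st.st_uid} is not squashed")
    if st.st_mode & stat.S_IWGRP:
        reasons.append("group-writable")
    if st.st_mode & stat.S_IWOTH:
        reasons.append("world-writable")
    return reasons


def audit_export(root, trusted_uids=ROOT_ONLY):
    """Map each exposed path (relative to root) to its list of reasons."""
    findings = {}
    for dirpath, _dirs, files in os.walk(root):
        # Directories matter too: write access there allows replacing entries.
        for path in [dirpath] + [os.path.join(dirpath, f) for f in files]:
            st = os.lstat(path)
            if stat.S_ISLNK(st.st_mode):
                continue  # symlink mode bits are not meaningful
            reasons = nfs_exposure(st, trusted_uids)
            if reasons:
                findings[os.path.relpath(path, root)] = reasons
    return findings


if __name__ == "__main__":
    # Hypothetical usage: pass the exported directory as the only argument.
    target = sys.argv[1] if len(sys.argv) > 1 else "."
    for rel, why in sorted(audit_export(target).items()):
        print(f"{rel}: {', '.join(why)}")
```

An empty result for an exported directory means every file and directory in it is root-owned with no group/other write bits, which is the state the message recommends.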