From owner-freebsd-hackers Tue Oct 15 11:30:28 1996
Return-Path: owner-hackers
Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id LAA26949 for hackers-outgoing; Tue, 15 Oct 1996 11:30:28 -0700 (PDT)
Received: from brasil.moneng.mei.com (brasil.moneng.mei.com [151.186.109.160]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id LAA26925 for ; Tue, 15 Oct 1996 11:30:07 -0700 (PDT)
Received: (from jgreco@localhost) by brasil.moneng.mei.com (8.7.Beta.1/8.7.Beta.1) id NAA26258; Tue, 15 Oct 1996 13:29:27 -0500
From: Joe Greco
Message-Id: <199610151829.NAA26258@brasil.moneng.mei.com>
Subject: Re: /sbin/init permission
To: bde@zeta.org.au (Bruce Evans)
Date: Tue, 15 Oct 1996 13:29:27 -0500 (CDT)
Cc: bde@zeta.org.au, jgreco@brasil.moneng.mei.com, freebsd-hackers@freebsd.org, j@uriah.heep.sax.de, luigi@labinfo.iet.unipi.it
In-Reply-To: <199610151801.EAA18319@godzilla.zeta.org.au> from "Bruce Evans" at Oct 16, 96 04:01:35 am
X-Mailer: ELM [version 2.4 PL24]
Content-Type: text
Sender: owner-hackers@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

> >Respectfully, I do not think that this is true.
> >
> >I am in favor of "raising the bar" that potential invaders have to jump
> >over whenever I can. This includes little things and big things.
>
> Well, the above is a curious selection of things with raised bars.
> What about the other 43 setuid root executables with permissions
> -r-sr-xr-x or -r-sr-sr-x in /*bin and /usr/*bin?

I am sorry, I should have clarified that I am not necessarily in favor of
those being world readable either. Due to the various reasons that they
may be suid (vmstat, etc) it may not be unreasonable to have some of them
world readable, but it is probably bad to have login, su, etc. world
readable.

I do not advocate security through obscurity, but I do advocate use of
"obscurity" (or lack of knowledge about local modifications) as a means
through which people may be discouraged... :-)

In any case, my real objection was to making uuxqt world executable.

... JG