Date:      Tue, 15 Oct 1996 13:29:27 -0500 (CDT)
From:      Joe Greco <jgreco@brasil.moneng.mei.com>
To:        bde@zeta.org.au (Bruce Evans)
Cc:        bde@zeta.org.au, jgreco@brasil.moneng.mei.com, freebsd-hackers@freebsd.org, j@uriah.heep.sax.de, luigi@labinfo.iet.unipi.it
Subject:   Re: /sbin/init permission
Message-ID:  <199610151829.NAA26258@brasil.moneng.mei.com>
In-Reply-To: <199610151801.EAA18319@godzilla.zeta.org.au> from "Bruce Evans" at Oct 16, 96 04:01:35 am

> >Respectfully, I do not think that this is true.
> >
> >I am in favor of "raising the bar" that potential invaders have to jump
> >over whenever I can.  This includes little things and big things.
> 
> Well, the above is a curious selection of things with raised bars.
> What about the other 43 setuid root executables with permissions
> -r-sr-xr-x or -r-sr-sr-x in /*bin and /usr/*bin?

I am sorry, I should have clarified that I am not necessarily in favor
of those being world readable either.  Due to the various reasons that
they may be suid (vmstat, etc) it may not be unreasonable to have some
of them world readable, but it is probably bad to have login, su, etc.
world readable.

I do not advocate security through obscurity, but I do advocate use of
"obscurity" (or lack of knowledge about local modifications) as a means 
through which people may be discouraged...  :-)

In any case, my real objection was to making uuxqt world executable.

... JG


