Date: Thu, 17 Jun 2004 10:48:38 +0200
From: Geert Hendrickx
To: j.e.drews@att.net
cc: freebsd-questions@freebsd.org
Subject: Re: Should gcc be accessable by others?
Message-ID: <20040617084838.GA343@lori.mine.nu>
References: <061620041608.19913.40D0707D000648FA00004DC921587667559C990A9D0BD20AD206@att.net>
In-Reply-To: <061620041608.19913.40D0707D000648FA00004DC921587667559C990A9D0BD20AD206@att.net>

I think a better solution would be to mount the user-writable partitions
(/home, /tmp) with option "noexec". That prevents users from having their
own executables, whether locally compiled or not.

GH

On Wed, Jun 16, 2004 at 04:08:29PM +0000, j.e.drews@att.net wrote:
> Hi:
>
> I see that gcc, g++, and other tools are usable by world (others). I was
> wondering if that is a bad idea as I read here:
> http://www.itworld.com/nl/lnx_sec/09242002/pf_index.html
>
> that the slapper worm used gcc to compile its exploit. Excerpt: The worm
> requires gcc to compile the .bugtraq.c file. ....
>
> Is it a good idea to change the permissions on the gcc tools to 750? I
> looked through the FreeBSD Handbook and could find no advice on this matter.
> Also are there other tools that should not be available like strace? How can
> I find out which ones are potentially exploitable? I am a newcomer to
> FreeBSD and have been using it for less than a year so don't be cross if
> these questions are naive.
>
> Kind regards,
> Jonathan
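
The following is an added example, not part of the original thread: a shell check that reads an fstab in the FreeBSD column layout and reports whether the user-writable mount points named in the reply (/home, /tmp) carry the "noexec" option. The function names `audit_noexec` and `sample_fstab`, the device names, and the sample fstab contents are constructed for illustration.

```shell
#!/bin/sh
# Added example: report user-writable mount points that lack "noexec".

# audit_noexec FSTAB MOUNTPOINT...
# Prints one line per mount point:
#   "<mp> ok"             entry exists and lists noexec
#   "<mp> missing-noexec" entry exists without noexec
#   "<mp> no-entry"       no fstab line of its own, so the directory lives on
#                         its parent filesystem and inherits that one's options
# Returns 0 only if every mount point is "ok".
audit_noexec() {
    fstab=$1; shift
    status=0
    for mp in "$@"; do
        # Column 2 is the mount point, column 4 the comma-separated options.
        opts=$(awk -v mp="$mp" '
            /^[[:space:]]*#/ { next }
            NF >= 4 && $2 == mp { print $4; exit }
        ' "$fstab")
        if [ -z "$opts" ]; then
            echo "$mp no-entry"; status=1
        else
            # Wrap in commas so only the exact option name "noexec" matches.
            case ",$opts," in
                *,noexec,*) echo "$mp ok" ;;
                *)          echo "$mp missing-noexec"; status=1 ;;
            esac
        fi
    done
    return $status
}

# Constructed sample fstab (hypothetical devices), FreeBSD column order.
sample_fstab() {
    cat <<'EOF'
# Device      Mountpoint  FStype  Options           Dump  Pass#
/dev/ad0s1a   /           ufs     rw                1     1
/dev/ad0s1e   /tmp        ufs     rw,noexec,nosuid  2     2
/dev/ad0s1f   /home       ufs     rw,nosuid         2     2
EOF
}

# When run with arguments, audit the live fstab: sh audit.sh /home /tmp
if [ $# -gt 0 ]; then audit_noexec /etc/fstab "$@"; fi
```

A "no-entry" result matters as much as "missing-noexec": a directory that is not its own filesystem cannot be given noexec separately from its parent.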