Date: Mon, 20 Apr 1998 13:55:05 -0400 (EDT) From: woods@zeus.leitch.com (Greg A. Woods) To: freebsd-security@FreeBSD.ORG Subject: Re: suid/sgid programs Message-ID: <199804201755.NAA13930@brain.zeus.leitch.com> In-Reply-To: Karl Denninger's message of "Sun, April 19, 1998 19:18:54 -0500" regarding "Re: suid/sgid programs" id <19980419191854.00143@mcs.net> References: <19980419124742.02609@mcs.net> <Pine.BSF.3.95.980419121151.16057t-100000@alive.znep.com> <19980419191854.00143@mcs.net>
next in thread | previous in thread | raw e-mail | index | archive | help
[ On Sun, April 19, 1998 at 19:18:54 (-0500), Karl Denninger wrote: ] > Subject: Re: suid/sgid programs > > > > Same with crontab, at and batch. *CRON* needs to run as root, but crontab > > > and friends DO NOT. They need to be SUID to something, but again, not root. > > > > But if someone can break the uid that crontab runs as, they have root > > anyway. > > Not necessarily. There are ways around that problem. I, for one, am all ears! The only tricks I can think of are those that would work soley by obscurity, which with open source make them of little real value. Other tricks, such as using some fancy IPC between crontab(1) and cron(8) may actually decrease security because the spread the responsibility for authentication and authorization over more code. Crontab(1) as-is can be programmed very simply and quite securely so long, and regardless of what UID it runs as to drop files into the queuing area, if that UID is cracked then root is as good as gone too, so one may as well just make crontab(1) set-UID root. -- Greg A. Woods +1 416 443-1734 VE3TCP <gwoods@acm.org> <robohack!woods> Planix, Inc. <woods@planix.com>; Secrets of the Weird <woods@weird.com> To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199804201755.NAA13930>