From owner-freebsd-security Mon Apr 20 10:56:08 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id KAA23920 for freebsd-security-outgoing; Mon, 20 Apr 1998 10:56:08 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from gateman.zeus.leitch.com (gateman.zeus.leitch.com [204.187.61.193]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id RAA23457 for ; Mon, 20 Apr 1998 17:55:02 GMT (envelope-from woods@tap.zeus.leitch.com) Received: from zeus.leitch.com (tap.zeus.leitch.com [204.187.61.10]) by gateman.zeus.leitch.com (8.8.5/8.7.3/1.0) with ESMTP id NAA18483 for ; Mon, 20 Apr 1998 13:55:06 -0400 (EDT) Received: from brain.zeus.leitch.com (brain.zeus.leitch.com [204.187.61.32]) by zeus.leitch.com (8.7.5/8.7.3/1.0) with ESMTP id NAA23746 for ; Mon, 20 Apr 1998 13:55:05 -0400 (EDT) Received: (from woods@localhost) by brain.zeus.leitch.com (8.8.8/8.8.8) id NAA13930; Mon, 20 Apr 1998 13:55:05 -0400 (EDT) (envelope-from woods@tap.zeus.leitch.com) Date: Mon, 20 Apr 1998 13:55:05 -0400 (EDT) Message-Id: <199804201755.NAA13930@brain.zeus.leitch.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit From: woods@zeus.leitch.com (Greg A. Woods) To: freebsd-security@FreeBSD.ORG Subject: Re: suid/sgid programs In-Reply-To: Karl Denninger's message of "Sun, April 19, 1998 19:18:54 -0500" regarding "Re: suid/sgid programs" id <19980419191854.00143@mcs.net> References: <19980419124742.02609@mcs.net> <19980419191854.00143@mcs.net> X-Mailer: VM 6.45 under Emacs 20.2.1 Reply-To: freebsd-security@FreeBSD.ORG Organization: Planix, Inc.; Toronto, Ontario; Canada Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk [ On Sun, April 19, 1998 at 19:18:54 (-0500), Karl Denninger wrote: ] > Subject: Re: suid/sgid programs > > > > Same with crontab, at and batch. *CRON* needs to run as root, but crontab > > > and friends DO NOT. They need to be SUID to something, but again, not root. > > > > But if someone can break the uid that crontab runs as, they have root > > anyway. > > Not necessarily. There are ways around that problem. I, for one, am all ears! The only tricks I can think of are those that would work soley by obscurity, which with open source make them of little real value. Other tricks, such as using some fancy IPC between crontab(1) and cron(8) may actually decrease security because the spread the responsibility for authentication and authorization over more code. Crontab(1) as-is can be programmed very simply and quite securely so long, and regardless of what UID it runs as to drop files into the queuing area, if that UID is cracked then root is as good as gone too, so one may as well just make crontab(1) set-UID root. -- Greg A. Woods +1 416 443-1734 VE3TCP Planix, Inc. ; Secrets of the Weird To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message