From owner-freebsd-security Tue Sep 10 12:15:03 1996 Return-Path: owner-security Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id MAA07185 for security-outgoing; Tue, 10 Sep 1996 12:15:03 -0700 (PDT) Received: from fmsc-gw.fmsc.com.au (gw.fmsc.com.au [203.4.181.65]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id MAA07165 for ; Tue, 10 Sep 1996 12:14:59 -0700 (PDT) Received: by fmsc-gw.fmsc.com.au id AA05458 (5.67b/IDA-1.5 for ); Wed, 11 Sep 1996 05:16:53 +1000 Received: from shaggy.fmsc.com.au(203.4.181.10) by fmsc-gw.fmsc.com.au via smap (V1.3) id sma005452; Wed Sep 11 05:16:31 1996 Received: from mrburns.fmsc.co.uk (ras-2.fmsc.com.au [203.4.181.182]) by shaggy.fmsc.com.au (8.7.3/8.7.3) with SMTP id FAA15882 for ; Wed, 11 Sep 1996 05:13:54 +1000 (EST) Message-Id: <3.0b11.32.19960910190410.006e4c94@203.4.181.10> X-Sender: jlo@203.4.181.10 X-Mailer: Windows Eudora Pro Version 3.0b11 (32) Date: Tue, 10 Sep 1996 20:16:24 +1000 To: freebsd-security@FreeBSD.org From: John Paul Lonie Subject: suid/sguid files Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-security@FreeBSD.org X-Loop: FreeBSD.org Precedence: bulk Hello all, Just wondering what the effect would be on removing the set u/g of the following files. Most of these are -s kmem or tty or dialer. First of all what difference would the kmem ones have on the root users use of these files, I presume nothing but I wouldn't mind being certain. I suppose the real question is does anything fall over if the kem /tty groups are changed on systems with only the root user. /bin/ps /sbin/dmesg /sbin/dump - why is this tty ? -r-sr-sr-x 1 root tty 188416 Jul 17 03:23 dump /usr/bin/at /usr/bin/atq /usr/bin/atrm /usr/bin/batch /usr/bin/fstat /usr/bin/ipcs /usr/bin/login /usr/bin/modstat /usr/bin/netstat /usr/bin/su /usr/bin/w /usr/bin/uptime /usr/bin/wall Does this affect the shutdown scripts ? /usr/bin/systat /usr/bin/vmstat /usr/libexec/mail.local /usr/local/bin/top /usr/sbin/ppp /usr/sbin/pppd /usr/sbin/pppstats /usr/sbin/pstat /usr/sbin/swapinfo /usr/sbin/trpt /usr/sbin/iostat /usr/sbin/ncrcontrol --- Regards, John Paul Lonie - Systems Administrator Finanical Market Software Consultants Pty Ltd. Email: jlo@fmsc.com.au Mobile: 0419-233-492 Phone: +612-9290-3944 Fax: +612-9262-2858