Date: Sun, 2 Apr 1995 16:29:42 -0400 From: Garrett Wollman <wollman@halloran-eldar.lcs.mit.edu> To: Paul Traina <pst@Shockwave.COM> Cc: security@FreeBSD.org Subject: root owning everything Message-ID: <9504022029.AA21539@halloran-eldar.lcs.mit.edu> In-Reply-To: <199504011850.KAA15088@precipice.shockwave.com> References: <199504011850.KAA15088@precipice.shockwave.com>
next in thread | previous in thread | raw e-mail | index | archive | help
<<On Sat, 01 Apr 1995 10:50:37 -0800, Paul Traina <pst@Shockwave.COM> said: > Except for setuid files, the majority of files in / and /usr should be owned > by root, not bin, so that I can't nfsmount a volume read-write and su to > bin and have a party. > An alternative would be to map uid bin to nobody the same way root is done. If you care about security, you'll map almost everybody to nobody in /etc/exports. I'm not sure if this works right now. -GAWollman -- Garrett A. Wollman | Shashish is simple, it's discreet, it's brief. ... wollman@lcs.mit.edu | Shashish is the bonding of hearts in spite of distance. Opinions not those of| It is a bond more powerful than absence. We like people MIT, LCS, ANA, or NSA| who like Shashish. - Claude McKenzie + Florent Vollant
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?9504022029.AA21539>