From owner-freebsd-audit  Wed Dec  1 15:24:37 1999
Delivered-To: freebsd-audit@freebsd.org
Received: from dozer.skynet.be (dozer.skynet.be [195.238.2.36])
	by hub.freebsd.org (Postfix) with ESMTP
	id 3A49E14E1C; Wed,  1 Dec 1999 15:24:34 -0800 (PST)
	(envelope-from root@foxbert.skynet.be)
Received: from foxbert.skynet.be (foxbert.skynet.be [195.238.1.45])
	by dozer.skynet.be (8.9.3/odie-relay-v1.0) with ESMTP id AAA26326;
	Thu, 2 Dec 1999 00:23:43 +0100 (MET)
Received: (from root@localhost)
	by foxbert.skynet.be (8.9.1/jovi-pop-2.1) id AAA08725;
	Thu, 2 Dec 1999 00:23:43 +0100 (MET)
Mime-Version: 1.0
X-Sender: blk@foxbert.skynet.be
Message-Id: <v04205507b46b5d29b40a@[195.238.21.204]>
In-Reply-To: <Pine.BSF.4.21.9912011449180.87299-100000@hub.freebsd.org>
References: <Pine.BSF.4.21.9912011449180.87299-100000@hub.freebsd.org>
Date: Thu, 2 Dec 1999 00:19:19 +0100
To: Kris Kennaway <kris@hub.freebsd.org>, audit@FreeBSD.ORG
From: Brad Knowles <blk@skynet.be>
Subject: Re: Auditing ports
Content-Type: text/plain; charset="us-ascii" ; format="flowed"
Sender: owner-freebsd-audit@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

At 2:56 PM -0800 1999/12/1, Kris Kennaway wrote:

> A first task would be to identify _which_ ports install set[ug]id
> executables: the easiest way to do this would probably be to install every
> available package on a box at once (or do them in chunks), compile a list
> of set[gu]id files and track them back to which port they came from. We
> can then prioritize this list in terms of potential severity.
>
> Anyone able to do this step?

	You want to do this under -CURRENT, as opposed to -STABLE, right?

	I'd be interested to know how it would be done, and as part of 
that exercise I'd be willing to try it under -STABLE (the version 
currently installed on the machine I can play with at the moment).  I 
can't help you with doing this under -CURRENT, however.

-- 
   These are my opinions -- not to be taken as official Skynet policy
  ____________________________________________________________________
|o| Brad Knowles, <blk@skynet.be>            Belgacom Skynet NV/SA |o|
|o| Systems Architect, News & FTP Admin      Rue Col. Bourg, 124   |o|
|o| Phone/Fax: +32-2-706.11.11/12.49         B-1140 Brussels       |o|
|o| http://www.skynet.be                     Belgium               |o|
\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/
  Unix is like a wigwam -- no Gates, no Windows, and an Apache inside.
   Unix is very user-friendly.  It's just picky who its friends are.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-audit" in the body of the message