From owner-freebsd-audit Wed Dec 1 15:24:37 1999 Delivered-To: freebsd-audit@freebsd.org Received: from dozer.skynet.be (dozer.skynet.be [195.238.2.36]) by hub.freebsd.org (Postfix) with ESMTP id 3A49E14E1C; Wed, 1 Dec 1999 15:24:34 -0800 (PST) (envelope-from root@foxbert.skynet.be) Received: from foxbert.skynet.be (foxbert.skynet.be [195.238.1.45]) by dozer.skynet.be (8.9.3/odie-relay-v1.0) with ESMTP id AAA26326; Thu, 2 Dec 1999 00:23:43 +0100 (MET) Received: (from root@localhost) by foxbert.skynet.be (8.9.1/jovi-pop-2.1) id AAA08725; Thu, 2 Dec 1999 00:23:43 +0100 (MET) Mime-Version: 1.0 X-Sender: blk@foxbert.skynet.be Message-Id: In-Reply-To: References: Date: Thu, 2 Dec 1999 00:19:19 +0100 To: Kris Kennaway , audit@FreeBSD.ORG From: Brad Knowles Subject: Re: Auditing ports Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG At 2:56 PM -0800 1999/12/1, Kris Kennaway wrote: > A first task would be to identify _which_ ports install set[ug]id > executables: the easiest way to do this would probably be to install every > available package on a box at once (or do them in chunks), compile a list > of set[gu]id files and track them back to which port they came from. We > can then prioritize this list in terms of potential severity. > > Anyone able to do this step? You want to do this under -CURRENT, as opposed to -STABLE, right? I'd be interested to know how it would be done, and as part of that exercise I'd be willing to try it under -STABLE (the version currently installed on the machine I can play with at the moment). I can't help you with doing this under -CURRENT, however. -- These are my opinions -- not to be taken as official Skynet policy ____________________________________________________________________ |o| Brad Knowles, Belgacom Skynet NV/SA |o| |o| Systems Architect, News & FTP Admin Rue Col. Bourg, 124 |o| |o| Phone/Fax: +32-2-706.11.11/12.49 B-1140 Brussels |o| |o| http://www.skynet.be Belgium |o| \/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/ Unix is like a wigwam -- no Gates, no Windows, and an Apache inside. Unix is very user-friendly. It's just picky who its friends are. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message