Date: Thu, 2 Dec 1999 00:19:19 +0100 From: Brad Knowles <blk@skynet.be> To: Kris Kennaway <kris@hub.freebsd.org>, audit@FreeBSD.ORG Subject: Re: Auditing ports Message-ID: <v04205507b46b5d29b40a@[195.238.21.204]> In-Reply-To: <Pine.BSF.4.21.9912011449180.87299-100000@hub.freebsd.org> References: <Pine.BSF.4.21.9912011449180.87299-100000@hub.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
At 2:56 PM -0800 1999/12/1, Kris Kennaway wrote: > A first task would be to identify _which_ ports install set[ug]id > executables: the easiest way to do this would probably be to install every > available package on a box at once (or do them in chunks), compile a list > of set[gu]id files and track them back to which port they came from. We > can then prioritize this list in terms of potential severity. > > Anyone able to do this step? You want to do this under -CURRENT, as opposed to -STABLE, right? I'd be interested to know how it would be done, and as part of that exercise I'd be willing to try it under -STABLE (the version currently installed on the machine I can play with at the moment). I can't help you with doing this under -CURRENT, however. -- These are my opinions -- not to be taken as official Skynet policy ____________________________________________________________________ |o| Brad Knowles, <blk@skynet.be> Belgacom Skynet NV/SA |o| |o| Systems Architect, News & FTP Admin Rue Col. Bourg, 124 |o| |o| Phone/Fax: +32-2-706.11.11/12.49 B-1140 Brussels |o| |o| http://www.skynet.be Belgium |o| \/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/ Unix is like a wigwam -- no Gates, no Windows, and an Apache inside. Unix is very user-friendly. It's just picky who its friends are. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?v04205507b46b5d29b40a>