Date: Mon, 20 Apr 1998 23:25:23 +0000 From: Niall Smart <rotel@indigo.ie> To: Peter Jeremy <Peter.Jeremy@alcatel.com.au>, freebsd-security@FreeBSD.ORG Subject: Re: suid/sgid programs Message-ID: <199804202225.XAA01146@indigo.ie> In-Reply-To: Peter Jeremy <Peter.Jeremy@alcatel.com.au> "Re: suid/sgid programs" (Apr 20, 10:00am)
next in thread | previous in thread | raw e-mail | index | archive | help
On Apr 20, 10:00am, Peter Jeremy wrote: } Subject: Re: suid/sgid programs > On Mon, 20 Apr 1998 00:09:43 +0000, Niall Smart <rotel@indigo.ie> wrote: > > lpd can be root.wheel 770 and immediately > >setuid to "lp" after opening the socket. > > This means that lpd may not be able to read the user's file. Either > lpr has to always copy the file to be printed (which is slow and may > mean lots of spool space), or you can only print world-readable files. The default action of lpr is to make a copy of the file, and I don't believe the price for losing -s capability is such a bad thing to pay for less setuid binaries, especially since most folk don't know about it, and those that do can write a script to temporarily remove read access from the current directory and rename file file to something unguessable. I know this isn't ideal, but its not a bad tradeoff IMO. Niall -- Niall Smart. PGP: finger njs3@motmot.doc.ic.ac.uk FreeBSD: Turning PC's into Workstations: www.freebsd.org Annoy your enemies and astonish your friends: echo "#define if(x) if (!(x))" >> /usr/include/stdio.h To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199804202225.XAA01146>