From owner-freebsd-security Mon Apr 20 15:31:24 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id PAA11413 for freebsd-security-outgoing; Mon, 20 Apr 1998 15:31:24 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from indigo.ie (nsmart@ts01-56.waterford.indigo.ie [194.125.139.119]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id WAA11121 for ; Mon, 20 Apr 1998 22:30:23 GMT (envelope-from rotel@indigo.ie) Received: (from nsmart@localhost) by indigo.ie (8.8.8/8.8.7) id XAA01159 for freebsd-security@FreeBSD.ORG; Mon, 20 Apr 1998 23:28:43 +0100 (IST) (envelope-from rotel@indigo.ie) From: Niall Smart Message-Id: <199804202228.XAA01159@indigo.ie> Date: Mon, 20 Apr 1998 23:28:42 +0000 In-Reply-To: woods@zeus.leitch.com (Greg A. Woods) "Re: suid/sgid programs" (Apr 20, 12:04pm) Reply-To: rotel@indigo.ie X-Mailer: Mail User's Shell (7.2.6 beta(3) 11/17/96) To: freebsd-security@FreeBSD.ORG Subject: Re: suid/sgid programs Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk On Apr 20, 12:04pm, Greg A. Woods wrote: } Subject: Re: suid/sgid programs > [ On Sun, April 19, 1998 at 20:39:48 (+0000), Niall Smart wrote: ] > > Subject: Re: suid/sgid programs > > > > So you want an extra sgid kmem utility just because you like your curious > > users to be able to see what your ccd configuration is? How useful is > > that? Not very. Do it locally if you really must. > > That's bad advice for a general audience. Only a systems programmer who > is extremely familiar with the rules for writing SUID code, and who can > analyze the code in question and check for possible security problems, > should ever even think of adding SUID to an existing binary. > Alternately a SUID-code experienced systems programmer might instead > derive a program from the utility in question that only generates > reports. Absolutely, I didn't mean to give the impression that you should arbitrarily go round setuid'ing things to make your system "easier to use" :) > On the other hand, for ccdconfig itself, if we assume the code was > designed and written with the view that it would normally be SUID, then > there's no reason why we should distrust it any more than anything > else. Heh, I would sincerely hope that *all* set[ug]id programs are designed and programmed with the fact that they are such in mind. That doesn't seem to stop the exploits though, does it? :) Niall -- Niall Smart. PGP: finger njs3@motmot.doc.ic.ac.uk FreeBSD: Turning PC's into Workstations: www.freebsd.org Annoy your enemies and astonish your friends: echo "#define if(x) if (!(x))" >> /usr/include/stdio.h To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message