Date: Thu, 02 Dec 1999 07:59:55 +0200 From: Mark Murray <mark@grondar.za> To: Kris Kennaway <kris@hub.freebsd.org>, satoshi@freebsd.org Cc: audit@freebsd.org Subject: Re: Auditing ports Message-ID: <199912020559.HAA24545@gratis.grondar.za>
next in thread | raw e-mail | index | archive | help
[ Satoshi CC'ed for comment ] Satoshi - background: The problem of auditing all 2800 ports was raised, and was reduced to the problem of auditing those which we patched to be set[gu]id. Kris continues: > A first task would be to identify _which_ ports install set[ug]id > executables: the easiest way to do this would probably be to install every > available package on a box at once (or do them in chunks), compile a list > of set[gu]id files and track them back to which port they came from. We > can then prioritize this list in terms of potential severity. Satoshi - is there any way that your ports-building engines can help us here by (say) spitting out some "ls -laR" lists automatically? We'll then grep them for s[gu]id bits and do the rest. M -- Mark Murray Join the anti-SPAM movement: http://www.cauce.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199912020559.HAA24545>