From owner-freebsd-security  Sun Sep  9  1:22: 3 2001
Delivered-To: freebsd-security@freebsd.org
Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42])
	by hub.freebsd.org (Postfix) with ESMTP id 1395D37B407
	for <security@FreeBSD.ORG>; Sun,  9 Sep 2001 01:21:59 -0700 (PDT)
Received: (from ache@localhost)
	by nagual.pp.ru (8.11.6/8.11.6) id f898Le338879;
	Sun, 9 Sep 2001 12:21:40 +0400 (MSD)
	(envelope-from ache)
Date: Sun, 9 Sep 2001 12:21:40 +0400
From: "Andrey A. Chernov" <ache@nagual.pp.ru>
To: Bruce Evans <bde@zeta.org.au>
Cc: Matt Dillon <dillon@earth.backplane.com>,
	Mike Tancsa <mike@sentex.net>, security@FreeBSD.ORG
Subject: Re: Fwd: Multiple vendor 'Taylor UUCP' problems.
Message-ID: <20010909122140.A38804@nagual.pp.ru>
References: <200109082045.f88KjjK29003@earth.backplane.com> <20010909174638.Q3607-100000@alphplex.bde.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20010909174638.Q3607-100000@alphplex.bde.org>
User-Agent: Mutt/1.3.21i
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

On Sun, Sep 09, 2001 at 18:07:52 +1000, Bruce Evans wrote:
> I don't see how schg'ing these binaries makes them significantly more
> secure.  These binaries are not writable by uucp.  They are writable
> by root, but root can just as easily un-schg them as write them.

From user, chmod u+w binary, then ovewrite it

-- 
Andrey A. Chernov
http://ache.pp.ru/

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message