From owner-freebsd-security Wed Jan 24 16:55:27 1996 Return-Path: owner-security Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id QAA06300 for security-outgoing; Wed, 24 Jan 1996 16:55:27 -0800 (PST) Received: from genesis.atrad.adelaide.edu.au (genesis.atrad.adelaide.edu.au [129.127.96.120]) by freefall.freebsd.org (8.7.3/8.7.3) with ESMTP id QAA06290 for ; Wed, 24 Jan 1996 16:55:15 -0800 (PST) Received: from msmith@localhost by genesis.atrad.adelaide.edu.au (8.6.12/8.6.9) id LAA28536; Thu, 25 Jan 1996 11:32:14 +1030 From: Michael Smith Message-Id: <199601250102.LAA28536@genesis.atrad.adelaide.edu.au> Subject: Re: Ownership of files/tcp_wrappers port To: p.richards@elsevier.co.uk (Paul Richards) Date: Thu, 25 Jan 1996 11:32:13 +1030 (CST) Cc: security@freebsd.org In-Reply-To: <199601242008.UAA19526@cadair.elsevier.co.uk> from "Paul Richards" at Jan 24, 96 08:08:31 pm MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-security@freebsd.org Precedence: bulk Paul Richards stands accused of saying: > > > Bin has no shell. (See below). Few or no binaries are ever setuid bin. > > Umm, bin does have a shell > > bin:*:3:7:Binaries Commands and Source,,,:/:/bin/sh Bin does _not_ have a shell. I had finished a 2.1 install a few minutes before I wrote that message, and I checked my facts. If your bin has a shell, it's either because you gave it one, or because you've upgraded from a previous version. > This is what segregation of privilages is all about. Making a lot more > of the system owned by root just increases the number of potential pitfalls > facing sysadmins. Agreed. > Paul Richards. Originative Solutions Ltd. -- ]] Mike Smith, Software Engineer msmith@atrad.adelaide.edu.au [[ ]] Genesis Software genesis@atrad.adelaide.edu.au [[ ]] High-speed data acquisition and (GSM mobile) 0411-222-496 [[ ]] realtime instrument control (ph/fax) +61-8-267-3039 [[ ]] "Who does BSD?" "We do Chucky, we do." [[