From owner-freebsd-security  Wed Aug  1 17:16: 8 2001
Delivered-To: freebsd-security@freebsd.org
Received: from Awfulhak.org (gw.Awfulhak.org [217.204.245.18])
	by hub.freebsd.org (Postfix) with ESMTP id B456837B401
	for <freebsd-security@FreeBSD.ORG>; Wed,  1 Aug 2001 17:16:03 -0700 (PDT)
	(envelope-from brian@Awfulhak.org)
Received: from hak.lan.Awfulhak.org (root@hak.lan.Awfulhak.org [172.16.0.12])
	by Awfulhak.org (8.11.4/8.11.4) with ESMTP id f720Fws06594;
	Thu, 2 Aug 2001 01:15:58 +0100 (BST)
	(envelope-from brian@lan.Awfulhak.org)
Received: from hak.lan.Awfulhak.org (brian@localhost [127.0.0.1])
	by hak.lan.Awfulhak.org (8.11.4/8.11.4) with ESMTP id f720Fv811693;
	Thu, 2 Aug 2001 01:15:57 +0100 (BST)
	(envelope-from brian@hak.lan.Awfulhak.org)
Message-Id: <200108020015.f720Fv811693@hak.lan.Awfulhak.org>
X-Mailer: exmh version 2.5 07/13/2001 with nmh-1.0.4
To: Kris Kennaway <kris@obsecurity.org>
Cc: Brian Somers <brian@Awfulhak.org>,
	Bart Matthaei <bart@xs4nobody.nl>,
	Nuno Teixeira <nuno.mailinglists@pt-quorum.com>,
	freebsd-security@FreeBSD.ORG, brian@freebsd-services.com,
	brian@freebsd-services.com
Subject: Re: RELEASE 4.3 -> RELENG_4_3: SUCCESSFULLY but ... 
In-Reply-To: Message from Kris Kennaway <kris@obsecurity.org> 
   of "Wed, 01 Aug 2001 17:10:47 PDT." <20010801171046.A85330@xor.obsecurity.org> 
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Thu, 02 Aug 2001 01:15:57 +0100
From: Brian Somers <brian@Awfulhak.org>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

> On Thu, Aug 02, 2001 at 01:05:10AM +0100, Brian Somers wrote:
> 
> > This just blows my mind.  Not only because I can't see (for example) why=
> =20
> > rsh has schg and rshd does not, but also because
> 
> It makes no sense as a security measure.  It makes more sense as an
> anti-foot-shooting measure, to prevent accidental removal of critical
> binaries which are needed to get the system up and minimally running
> (init, /kernel, etc).  Of course, that argument only works for some on
> that list, and the rest should probably have the flag removed.

Agreed.  I'd definitely consider rshd more critical than rsh (for 
people that use these programs) for example.  sshd may be a good 
candidate for anti-foot-shooting measures too (against it being 
accidently removed, not noticed, and the box being rebooted).

> Kris

-- 
Brian <brian@freebsd-services.com>                <brian@Awfulhak.org>
      http://www.freebsd-services.com/        <brian@[uk.]FreeBSD.org>
Don't _EVER_ lose your sense of humour !      <brian@[uk.]OpenBSD.org>



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message