From owner-freebsd-security  Wed Sep  3 23:25:14 1997
Return-Path: <owner-freebsd-security>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.7/8.8.7) id XAA09349
          for security-outgoing; Wed, 3 Sep 1997 23:25:14 -0700 (PDT)
Received: from burka.rdy.com (dima@burka.rdy.com [205.149.163.30])
          by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id XAA09344;
          Wed, 3 Sep 1997 23:25:12 -0700 (PDT)
Received: by burka.rdy.com id XAA27183;
  (8.8.7/RDY) Wed, 3 Sep 1997 23:24:25 -0700 (PDT)
Message-Id: <199709040624.XAA27183@burka.rdy.com>
Subject: Re: Kernel Install Permissions
In-Reply-To: <Pine.BSF.3.96.970903211022.21074B-100000@counterintelligence.ml.org> from "Jamil J. Weatherbee" at "Sep 3, 97 09:13:56 pm"
To: jamil@counterintelligence.ml.org (Jamil J. Weatherbee)
Date: Wed, 3 Sep 1997 23:24:24 -0700 (PDT)
Cc: freebsd-stable@FreeBSD.ORG, freebsd-security@FreeBSD.ORG
X-Class: Fast
Organization: HackerDome
Reply-To: dima@best.net
From: dima@best.net (Dima Ruban)
X-Mailer: ELM [version 2.4ME+ PL32 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

Jamil J. Weatherbee writes:
> 
> This is just a personal opinion, and maybye it is uneducated, but is there
> really some reason for the kernel to be installed chmod 555, wouldn't 544
> or even maybye 444 do (I'm not to familiar with the bootloader, I would
> guess that it doesn't execute /kernel in the same way a coff binary is
> executed so permissions probably don't matter hunh?) 

Perhaps even 550 or 540 with group kmem or something.

> 
> 

-- dima