From owner-freebsd-security  Wed Jul 31 23:26:38 1996
Return-Path: owner-security
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id XAA00892
          for security-outgoing; Wed, 31 Jul 1996 23:26:38 -0700 (PDT)
Received: from darkwing.pacific.net.sg (darkwing.pacific.net.sg [203.120.89.89])
          by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id XAA00887
          for <freebsd-security@freebsd.org>; Wed, 31 Jul 1996 23:26:33 -0700 (PDT)
Received: (qmail-queue invoked from smtpd); 1 Aug 1996 06:25:03 -0000
Received: from darkwing.pacific.net.sg (203.120.89.89)
  by darkwing.pacific.net.sg with SMTP; 1 Aug 1996 06:25:03 -0000
Date: Thu, 1 Aug 1996 14:25:03 +0800 (SST)
From: Ng Pheng Siong <ngps@pacific.net.sg>
To: freebsd-security@freebsd.org
Subject: [linux-security] Test squad results on group rights denial (fwd)
Message-ID: <Pine.GSO.3.94.960801142307.19619L-100000@darkwing.pacific.net.sg>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk


Got the following from linux-security. Just noted that FreeBSD (also Net and 
Open ;) aren't listed. 

Anyone know what this is?

---------- Forwarded message ----------
Date: Tue, 30 Jul 1996 09:27:53 +0200 (MET DST)
From: Rogier Wolff <R.E.Wolff@BitWizard.nl>
To: linux-security@tarsier.cv.nrao.edu
Subject: [linux-security] Test squad results on group rights denial


I've got several replies back from the test squad now.
The question was: Can we find OSes where you cannot get less rights than
"other" if you're in the group.....

The test squad so far has access to the following OSes:

Linux (Slackware 3.0) 2.0.9
Linux (Slackware 2.0 w/mods) 1.2.13
Linux (Slackware 2.3) 2.0.8
Linux (Slackware 3.0) 2.0.7
Linux (Slackware ??)  1.2.8    
Linux (Debian 1.1) 2.0.8  
Linux (RedHat 3.0.3) 2.0.0 
Linux (Redhat ??) ????
Linux (custom) 2.0.8       
Linux (???) 1.3.80, ext2fs 

AIX 2.3                    
BSDI 2.0                   
HPUX 9.05
HPUX 10.10
HPUX 10.01
Irix 5.3 			
Irix 6.2                   
OSF1 3.2                   
OSF1 3.2d                  
SunOS 4.1.3                
SunOS 4.1.4          
Solaris 2.3 (SunOS 5.3)
Solaris 2.4 (SunOS 5.4)    
Solaris 2.5 (SunOS 5.5)
VMS 5.5-1                  

On most OSes it seems that you are able to revoke rights by putting
someone in a group, and revoking group rights.  I got reports about
NOT being able to revoke "other" rights using the group bits for the
following OSes:

HPUX 10.01, Irix 5.3 and Linux 1.2.8.

I verified HPUX versions 9.05 and 10.10 myself, and WAS able to revoke
rights. Others have been able to do that for Linux and Irix. For Linux
it might be filesystem dependent. Ext2fs will handle this properly.

The test squad ran 30 tests, of which 3 turned out questionable.
The original report from Daniel Roedding (daniel@fiction.pb.owl.de) 
that it didn't work on an old dynix system still stands.

                                             Roger.

--
/* EMail: R.E.Wolff@BitWizard.nl   */ int main (int argc,char**argv){
/*   Tel: +31-15-2137459           */ if (*++argv&&!strcmp(*argv,"-advice")) 
/*   WWW: http://www.BitWizard.nl/ */   {printf("Don't Panic!\n");exit(42);}}