Date:      Fri, 30 Mar 2012 11:57:29 -0700
From:      Adrian Chadd <adrian@freebsd.org>
To:        "Julian H. Stacey" <jhs@berklix.com>
Cc:        arch@freebsd.org
Subject:   Re: Should standard binaries & directories revert from uid=root to bin ?
Message-ID:  <CAJ-Vmon=YKcW6Osn2TXcJDbNH1B0xLapL-fTz0myGanHdPW4Yw@mail.gmail.com>
In-Reply-To: <201203301516.q2UFG3ee013758@fire.js.berklix.net>
References:  <201203301516.q2UFG3ee013758@fire.js.berklix.net>

hi,

because id=0 defaults to being squashed via nfs. But if you have a
filesystem full of uid=bin/gid=bin binaries, a slightly insecure NFS
setup would allow NFS clients to simply set their uid=bin and change
these binaries. :-)


Adrian

On 30 March 2012 08:16, Julian H. Stacey <jhs@berklix.com> wrote:
> Hi arch@
> Time was, (& I can go back over 25 years here, but more recently too :-)
> When standard Unix non SUID executables such as wc would be UID=bin,
> GID=bin, & not root.  Ditto bin/ & lib/ etc directories.
>
> One advantage was:
>  Anything that showed up with ls -l as UID=0 was either a SUID
>  special, known to the admin's eye, or some administrative dropping,
>  mistakenly created by someone logged in as root, to be reviewed/
>  regenerated/ deleted.
>
> Now all is UID=0.  Why ? What advantage did it bring ?
>
> Obviously some SUID & SGID executables need 0 (some could need just bin!)
> but most files & directories do not need UID 0.
>
> BTW, How I noticed this :
>  I was tracing why
>        /usr/sbin/sshd -d -d -d -D
>  was erroring:
>        debug3: secure_filename: checking '/.amd_mnt/sshd_host/ad4s1/usr1/home'
>        Authentication refused: bad ownership or modes for directory
>                /.amd_mnt/sshd_host/ad4s1/usr1/home
>  just because my ~/.ssh was symbolically linked via AMD+NFS mounted on another
>  host, & there an intermediate directory was owned by bin & not root,
>        ls -la /host/sshd_host/ad4s1/usr1/home
>                drwxr-xr-x  18 bin     bin       512 Mar  6 11:56 ./
>  so I had to
>        chown root:wheel /ad4s1/usr1/home
>  Just to satisfy sshd being pointlessly strict, as directory was 755.
>
> So we have sshd that's pointlessly strict, & ownerships that seem
> to have near all lost their precision. A funny combo ;-)
>
> Might others tackle the generic over use of root ?
> If so I could create a patch to send-pr ssh  ?
> (but as ssh is an import, maybe just report & not [yet?] patch ?)
>
> Cheers,
> Julian
> --
> Julian Stacey, BSD Unix Linux C Sys Eng Consultants Munich http://berklix.com
>  Reply below not above, cumulative like a play script, & indent with "> ".
>  Format: Plain text. Not HTML, multipart/alternative, base64, quoted-printable.
>        Mail from @yahoo dumped @berklix.  http://berklix.org/yahoo/
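
Added example (not part of either message, and not OpenSSH code): a small Python model of the directory walk behind the "bad ownership or modes for directory" refusal quoted above. It assumes the rule is that every directory on the resolved path must be owned by root or the user and must not be group- or world-writable; the uid values, the name user1 and the stat table are constructed.

```python
import os
import stat
from collections import namedtuple

Finding = namedtuple("Finding", "path owner mode reason")
FakeStat = namedtuple("FakeStat", "st_uid st_mode")

def audit_chain(path, uid, home=None, realpath=os.path.realpath, stat_fn=os.stat):
    """List directories on the resolved path that fail the assumed rule:
    owner must be root or `uid`, and no group/world write bit may be set."""
    findings = []
    current = realpath(path)              # symlinks and automounter links resolve first
    home = realpath(home) if home else None
    while True:
        st = stat_fn(current)
        mode = stat.S_IMODE(st.st_mode)
        if st.st_uid not in (0, uid):
            findings.append(Finding(current, st.st_uid, oct(mode), "owner is neither root nor user"))
        elif mode & 0o022:
            findings.append(Finding(current, st.st_uid, oct(mode), "group- or world-writable"))
        if current in ("/", home):        # stop at the home directory or the root
            break
        current = os.path.dirname(current)
    return findings

# Constructed sample modelled on the post: uid 3 stands in for "bin", uid 1001
# and the name "user1" are invented; only the usr1/home path comes from the post.
BASE = "/.amd_mnt/sshd_host/ad4s1/usr1/home"
SAMPLE = {p: FakeStat(0, 0o40755) for p in
          ("/", "/.amd_mnt", "/.amd_mnt/sshd_host",
           "/.amd_mnt/sshd_host/ad4s1", "/.amd_mnt/sshd_host/ad4s1/usr1")}
SAMPLE[BASE] = FakeStat(3, 0o40755)                      # drwxr-xr-x bin bin
SAMPLE[BASE + "/user1"] = FakeStat(1001, 0o40755)
SAMPLE[BASE + "/user1/.ssh"] = FakeStat(1001, 0o40700)

def demo(sample=SAMPLE):
    # The resolved path never passes through /home/user1, so the walk
    # continues to "/" and meets the bin-owned intermediate directory.
    return audit_chain(BASE + "/user1/.ssh", uid=1001, home="/home/user1",
                       realpath=lambda p: p, stat_fn=sample.__getitem__)

if __name__ == "__main__":
    for f in demo():
        print(f"{f.path}: uid={f.owner} mode={f.mode} ({f.reason})")
```

Called with the defaults (os.path.realpath and os.stat) the same function audits a live path, for example a user's ~/.ssh before enabling key logins over an automounted home.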