From owner-freebsd-security  Tue Nov 17 12:16:17 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id MAA05530
          for freebsd-security-outgoing; Tue, 17 Nov 1998 12:16:17 -0800 (PST)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from mx1.dmz.fedex.com (mx1.dmz.fedex.com [199.81.194.37])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id MAA05506
          for <freebsd-security@freebsd.org>; Tue, 17 Nov 1998 12:16:04 -0800 (PST)
          (envelope-from wam@mohawk.dpd.fedex.com)
Received: from mx1.zmd.fedex.com (sendmail@mx1.zmd.fedex.com [199.82.159.10])
	by mx1.dmz.fedex.com (8.9.1/8.9.1) with ESMTP id OAA26590
	for <freebsd-security@freebsd.org>; Tue, 17 Nov 1998 14:15:16 -0600 (CST)
Received: from s07.sa.fedex.com (root@s07.sa.fedex.com [199.81.124.17])
	by mx1.zmd.fedex.com (8.9.1/8.9.1) with ESMTP id OAA27262
	for <freebsd-security@freebsd.org>; Tue, 17 Nov 1998 14:15:14 -0600 (CST)
Received: from mohawk.dpd.fedex.com (mohawk.dpd.fedex.com [199.81.74.121])
	by s07.sa.fedex.com (8.9.1/8.9.1) with SMTP id OAA05291;
	Tue, 17 Nov 1998 14:14:55 -0600 (CST)
Message-Id: <199811172014.OAA05291@s07.sa.fedex.com>
To: Cliff Skolnick <cliff@steam.com>
cc: Andrew McNaughton <andrew@squiz.co.nz>,
        Matthew Dillon <dillon@apollo.backplane.com>,
        Warner Losh <imp@village.org>,
        Andre Albsmeier <andre.albsmeier@mchp.siemens.de>,
        freebsd-security@FreeBSD.ORG,
        "Jordan K. Hubbard" <jkh@zippy.cdrom.com>, Dima Ruban <dima@best.net>
Subject: Re: Would this make FreeBSD more secure? & sendmail changes in OpenBSD 2.4 
Date: Tue, 17 Nov 1998 14:14:22 -0600
From: William McVey <wam@sa.fedex.com>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Cliff Skolnick wrote:
>I am more concerned about stand alone daemons like sendmail, syslog, apache,
>etc.  A well written program could simply have a setuid wrapper like innd
>that opens the socket, does a setuid() to some other user, then exec()s the
>real program.  If I do this I know my program will work on most UNIX boxes
>in a reasonably secure way.  Now if someone wanted to write a wrapper to 
>make this easy, and it ran on most if not all UNIX systems great.

Most of these services could easily be modified to start from
inetd as wait services.  Basically, inetd does the port binding,
setuid-ing, and execing, just like it always does.  As I've mentioned
before, sendmail can defintly run in this manner.  So could most
web servers.  I did some playing around with syslog starting from
inetd, and ran into a few problems which I need to read more syslogd
and inetd code to work out (for example, inetd normally logs it's
messages via syslog(3), what happens when it is the program starting
syslogd?) to "what does inetd log to before syslog comes online.

 -- William

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message