Date: Sat, 26 Jul 2003 19:19:21 +0200 From: "Peter Rosa" <prosa@pro.sk> To: "FreeBSD Questions" <freebsd-questions@freebsd.org> Subject: Re: suid bit files and securing FreeBSD Message-ID: <00aa01c3539a$0ddd9400$3501a8c0@pro.sk> References: <00a201c35398$ed1de680$3501a8c0@pro.sk>
next in thread | previous in thread | raw e-mail | index | archive | help
Sorry for disturbing you. This was for security mailing list and I sent it here by mistake Cheers, Peter Rosa ----- Original Message ----- From: "Peter Rosa" <prosa@pro.sk> To: "FreeBSD Questions" <freebsd-questions@freebsd.org> Sent: Saturday, July 26, 2003 7:11 PM Subject: suid bit files and securing FreeBSD > Hello everybody, > > I'm a newbie in this list, so I don't know if it's the appropriate place > for my question. Anyway, I'd be happy to find out the solution. > > Please, has anyone simple answer for: > > I'm looking for an exact list of files, which: > 1. MUST have... > 2. HAVE FROM BSD INSTALLATION... > 3. DO NOT NEED... > 4. NEVER MAY... > ...the suid-bit set. > > Of course, it's no problem to find-out which files ALREADY HAS > suid-bit set. But what files REALLY MUST have it ? > I know generalities, as e.g. shell should never have suid bit set, > but what if someone has copied any shell to some other location > and have set the suid bit ? It's security hole, isn't it ? > And what if I have more such files on my machine ? > It is not about my machine has been compromited, it is only WHAT IF... > > -------------------------------------------- > > Second question is: Has anybody an exact wizard, how to secure > the FreeBSD machine. Imagine the situation, the only person who > can do anything on that machine is me, and nobody other. I have > set very restrictive firewalling, I have removed ALL tty's except > two local tty's (I need to work on that machine), but there are > still open port 25 and 53 (must be forever), so someone very > tricky can compromite my machine. > > I'm a little bit paranoic, don't I :-))))))) > > Cheers, > > Peter Rosa > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?00aa01c3539a$0ddd9400$3501a8c0>