Date: Sat, 26 Jul 2003 13:54:59 -0400
From: Daniel Harris <dh@askdh.com>
To: matthew@starbreaker.net
Cc: freebsd-questions@freebsd.org
Subject: Re: suid bit files and securing FreeBSD
Message-ID: <3F22C073.3040607@askdh.com>
In-Reply-To: <200307261322.31656.matthew@starbreaker.net>
References: <00a201c35398$ed1de680$3501a8c0@pro.sk> <200307261322.31656.matthew@starbreaker.net>

Matthew Graybosch wrote:

> But if you're concerned with security uber alles, I'm surprised you
> didn't look into OpenBSD first. According to their site
> (openbsd.org), they've had "only one remote hole in the default
> install, in more than 7 years!"

Caveat: the default install has almost nothing in it. This is fine if you plan to do almost nothing, but if you install any software, you'll be about as well off as if you were installing that software anywhere else.

> FreeBSD certainly can be secured, but it appears that the developers
> put performance and reliability first, and then security. Theo de
> Raadt puts security first.

The BSDs borrow freely from each other. OpenBSD perhaps is a little more aggressive about cryptography in the base system, but the results of OpenBSD audits are often used by Net and Free. Please look up from your "BSD Executive Summary" article :-)

To claim that FreeBSD puts reliability ahead of security doesn't make sense; a compromised system is usually not reliable. Security (and more broadly, stability/reliability) are given a little more consideration than performance, if you want to order them.

A competent administrator can secure any system. An incompetent administrator should become competent (on machines unreachable from the internet) before running anything important in publicly-reachable space.

To the original poster: I take it you are running DNS and SMTP on the FreeBSD machine? Try to avoid BIND 8; use BIND 9 or djbdns for your DNS. Qmail and Postfix have better security records than Sendmail for SMTP; I prefer Postfix for ease of configuration. If you're running a BIND version, run it as user bind in a chroot (at least).

I'd worry more about your public services than about SUID bits: if there is no shell access, nobody will be able to take advantage of SUID without first finding a hole allowing shell access.

Subscribe to freebsd-security-notifications for, well, security notifications. Keep your ears open for bugs in your MTA or DNS server. With a little vigilance you have little to fear.

Good luck,

--
Daniel Harris
