From owner-freebsd-isdn Mon Jan 4 14:10:09 1999 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id OAA12354 for freebsd-isdn-outgoing; Mon, 4 Jan 1999 14:10:09 -0800 (PST) (envelope-from owner-freebsd-isdn@FreeBSD.ORG) Received: from peedub.muc.de (newpc.muc.ditec.de [194.120.126.33]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id OAA12336 for ; Mon, 4 Jan 1999 14:10:03 -0800 (PST) (envelope-from garyj@peedub.muc.de) Received: from peedub.muc.de (localhost [127.0.0.1]) by peedub.muc.de (8.9.1/8.6.9) with ESMTP id WAA08158 for ; Mon, 4 Jan 1999 22:53:59 +0100 (CET) Message-Id: <199901042153.WAA08158@peedub.muc.de> X-Mailer: exmh version 2.0.2 2/24/98 To: freebsd-isdn@FreeBSD.ORG Subject: Re: regexp program Reply-To: Gary Jennejohn In-reply-to: Your message of "Mon, 04 Jan 1999 21:43:03 +0100." Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Mon, 04 Jan 1999 22:53:59 +0100 From: Gary Jennejohn Sender: owner-freebsd-isdn@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Christian Wolf writes: > >Hi! > >On Mon, 4 Jan 1999, Hellmuth Michaelis wrote: > >> On Mon, Jan 04, 1999 at 08:06:13PM +0100, Wilko Bulte wrote: >> > >> > Security is a concern, true. It would be the (sick) hack of the >> > century if you could stick a regexp/regprog in somebody's isdnd.rc >> > that did (e.g) 'dd if=/dev/zero of=/dev/rsd0c' > >If I could stick a regexp/regprog in somebody's isdnd.rc I can do >a 'dd if=/dev/zero of=/dev/rsd0c' as well, can't I? > you lack the true hacker mentality ;-) It's the Trojan Horse aspect which makes it interesting. >> > In that respect I'd say it might make sense to not execute the regprog as >root. >> > It looks like isdnd/exec.c just execs whatever you feed it. Maybe a setuid >(nobody) >> > first? >> >> Something like that - on the other side: who should be permitted to access >> /dev/i4b* and wouldn't it be appropriate at this time to add group "isdn" >> to /etc/groups? >> >> I really didn't thought about all this stuff much, what do other people >> think about that ? >> >> Thoughts, comments ? > >Make isdnd check the owner and permission of isdnd.rc. If it is >not owned by root(0) or has not a mode like 0644 isdnd should refuse it. > it's not isdnd.rc that's of concern, it's the program pointed at by the regprog entry. I think Wilko's suggestion of changing the uid is probably the simplest and most secure way to handle this issue. Of course, if we had a group isdn we could change the gid. Obviously, regprog would have to be executable for group isdn in that case. Regarding /dev/i4b*, leave them only accessible for root. isdnd runs as root and noone really has any business playing around with these devices. --- Gary Jennejohn Home - garyj@muc.de Work - garyj@fkr.dec.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isdn" in the body of the message