From owner-freebsd-security  Wed Nov  3 14:26:36 1999
Delivered-To: freebsd-security@freebsd.org
Received: from alcanet.com.au (border.alcanet.com.au [203.62.196.10])
	by hub.freebsd.org (Postfix) with ESMTP id 04AE0150E6
	for <freebsd-security@FreeBSD.ORG>; Wed,  3 Nov 1999 14:26:30 -0800 (PST)
	(envelope-from jeremyp@gsmx07.alcatel.com.au)
Received: by border.alcanet.com.au id <40370>; Thu, 4 Nov 1999 09:17:50 +1100
Content-return: prohibited
Date: Thu, 4 Nov 1999 09:23:15 +1100
From: Peter Jeremy <jeremyp@gsmx07.alcatel.com.au>
Subject: Re: Examining FBSD set[ug]ids and their use
In-reply-to: <Pine.BSF.3.96.991103122522.35508K-100000@fledge.watson.org>
To: Robert Watson <robert+freebsd@cyrus.watson.org>
Cc: freebsd-security@FreeBSD.ORG
Reply-To: peter.jeremy@Alcatel.com.au
Message-Id: <99Nov4.091750est.40370@border.alcanet.com.au>
MIME-version: 1.0
X-Mailer: Mutt 1.0pre3i
Content-type: text/plain; charset=us-ascii
References: <14367.64514.294218.824898@anarcat.dyndns.org>
 <Pine.BSF.3.96.991103122522.35508K-100000@fledge.watson.org>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On 1999-Nov-04 04:29:38 +1100, Robert Watson wrote:
>However, I don't like that /usr/bin/uustat is still owned by UUCP, and
...
>Same goes for man -- /usr/bin/man is owned by uid man, so anyone who
>breaks the manpage sandbox can modify it, and abscond with the privileges
>of any user running man.

Another option (at least for us) is to mark them system immutable
(schg).  That stops them being modified by their owner (though it
is more a work-around than a real fix).

>  Man should really use a gid, not a uid, so that
>the man binary doesn't have to by writable by the sandbox.

In this case, this would be a reasonable change, and I can't see any
immediate problems.

Peter


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message