Date:      Mon, 24 Feb 1997 16:25:30 -0700 (MST)
From:      Ade Barkah <mbarkah@hemi.com>
To:        angio@aros.net (Dave Andersen)
Cc:        abelits@phobos.illtel.denver.co.us, hackers@freebsd.org
Subject:   Re: disallow setuid root shells?
Message-ID:  <199702242325.QAA12075@hemi.com>
In-Reply-To: <199702241823.LAA27302@fluffy.aros.net> from Dave Andersen at "Feb 24, 97 11:23:51 am"

Dave wrote:

> >   IMHO adding "anti-setuid" code into shell will help, but that
> > help won't be worth the effort of typing "setuid(getuid());" ...
> 
>    I disagree.  It's a small thing, and very easy to get around, but
> it would help reduce the number of breakins by people who don't 
> understand what they're doing aside from running this program-thingy
> that someone gave them. ...

The anti-setuid code will not reduce breakins... by the time
they're doing 'chmod u+s sh', they _already_have_ root access.

What I'd do is to booby-trap the shells, so if it runs setuid,
it _seems_ to run but reaaaalllyyyyy slooooowwww, and notifies
me in the meantime. =-)

Regards,

-Ade
-------------------------------------------------------------------
Inet: mbarkah@hemi.com - HEMISPHERE ONLINE - <http://www.hemi.com/>
-------------------------------------------------------------------
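
The startup check this thread is debating, as an added example that is not part of the original message or of any FreeBSD shell: it notices that the program was started through a setuid/setgid bit, reports that to syslog, and drops to the real ids. The names `ids_elevated` and `guard_setuid_start` are hypothetical.

```c
#include <stdio.h>
#include <sys/types.h>
#include <syslog.h>
#include <unistd.h>

/* Pure check: 1 when the effective ids differ from the real ids, i.e. the
 * binary was started through a setuid or setgid bit; 0 otherwise. */
int ids_elevated(uid_t ruid, uid_t euid, gid_t rgid, gid_t egid)
{
    return ruid != euid || rgid != egid;
}

/* Hypothetical startup hook for a shell. Returns 0 for a normal start,
 * 1 if an elevated start was reported and privileges were dropped,
 * -1 if the drop failed (the caller should exit instead of continuing). */
int guard_setuid_start(const char *progname)
{
    uid_t ruid = getuid(), euid = geteuid();
    gid_t rgid = getgid(), egid = getegid();

    if (!ids_elevated(ruid, euid, rgid, egid))
        return 0;

    /* Notify first, while the process can still be identified as elevated. */
    openlog(progname, LOG_PID, LOG_AUTH);
    syslog(LOG_ALERT, "started setuid/setgid: ruid=%ld euid=%ld rgid=%ld egid=%ld",
           (long)ruid, (long)euid, (long)rgid, (long)egid);
    closelog();

    /* Group first: after the uid is dropped, setgid() is no longer permitted.
     * With euid 0 (the setuid-root case in the thread) setuid() resets the
     * real, effective and saved uid together. */
    if (setgid(rgid) != 0 || setuid(ruid) != 0)
        return -1;
    /* Verify the drop instead of trusting the return codes alone. */
    if (geteuid() != ruid || getegid() != rgid)
        return -1;
    return 1;
}

int main(int argc, char **argv)
{
    (void)argc;
    int r = guard_setuid_start(argv[0]);
    if (r < 0) { fprintf(stderr, "could not drop privileges\n"); return 1; }
    printf("%s\n", r ? "elevated start reported, privileges dropped" : "normal start");
    return 0;
}
```

As the message points out, this only matters after someone with root has already set the bit, so the syslog alert is the part with detection value; the drop itself is the `setuid(getuid())` call quoted above.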


