From owner-freebsd-security Tue Nov 17 14:24:07 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id OAA28084 for freebsd-security-outgoing; Tue, 17 Nov 1998 14:24:07 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from mx2.dmz.fedex.com (mx2.dmz.fedex.com [199.81.194.38]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id OAA28016 for ; Tue, 17 Nov 1998 14:23:33 -0800 (PST) (envelope-from wam@mohawk.dpd.fedex.com) Received: from mx1.zmd.fedex.com (sendmail@mx1.zmd.fedex.com [199.82.159.10]) by mx2.dmz.fedex.com (8.9.1/8.9.1) with ESMTP id QAA13473 for ; Tue, 17 Nov 1998 16:23:01 -0600 (CST) Received: from s07.sa.fedex.com (root@s07.sa.fedex.com [199.81.124.17]) by mx1.zmd.fedex.com (8.9.1/8.9.1) with ESMTP id QAA11509 for ; Tue, 17 Nov 1998 16:22:59 -0600 (CST) Received: from mohawk.dpd.fedex.com (mohawk.dpd.fedex.com [199.81.74.121]) by s07.sa.fedex.com (8.9.1/8.9.1) with SMTP id QAA12303; Tue, 17 Nov 1998 16:22:33 -0600 (CST) Message-Id: <199811172222.QAA12303@s07.sa.fedex.com> To: Bill Woodford cc: freebsd-security@FreeBSD.ORG Subject: Re: Would this make FreeBSD more secure? Date: Tue, 17 Nov 1998 16:22:02 -0600 From: William McVey Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Bill Woodford wrote: >I think this is a good idea. The change in perms didnt seem to affect >anything else in a bad way, and it got rid of a setuid. Andre, thanks >for posting it! Did this work for you? Can you actually "break" your xlock? It didn't work for me when I did it originally because getpwnam, which is what xlock apparently calls, only returns the shadow'ed encrypted password entry if geteuid() returns 0 (at least this is how FreeBSD 2.2.5 is does it (my 3.0 machine is suffering from hardware problems right now). I posted a proposed "fix" for this, which no-one has really commented on. -- William To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message