Date: Tue, 25 Feb 1997 01:24:48 +0100 From: j@uriah.heep.sax.de (J Wunsch) To: hackers@freebsd.org Subject: Re: disallow setuid root shells? Message-ID: <Mutt.19970225012448.j@uriah.heep.sax.de> In-Reply-To: <9702242229.AA03727@biohazard.csc.ncsu.edu>; from Nate Johnson on Feb 24, 1997 17:29:54 -0500 References: <3311E1FD.167EB0E7@whistle.com> <9702242229.AA03727@biohazard.csc.ncsu.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
As Nate Johnson wrote: > Except the case where the hacker truly knows what they're doing, in which > case, the security audit will be worthless. root can modify any files he > wants, including the database used to compare suid files against. =( chflags schg <your audit file> sysctl -q kern.securelevel=1 -- cheers, J"org joerg_wunsch@uriah.heep.sax.de -- http://www.sax.de/~joerg/ -- NIC: JW11-RIPE Never trust an operating system you don't have sources for. ;-)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Mutt.19970225012448.j>