From owner-freebsd-security Thu Nov 22 2: 7:48 2001 Delivered-To: freebsd-security@freebsd.org Received: from freebie.atkielski.com (ASt-Lambert-101-2-1-14.abo.wanadoo.fr [193.251.59.14]) by hub.freebsd.org (Postfix) with ESMTP id D8B7537B416; Thu, 22 Nov 2001 02:07:35 -0800 (PST) Received: from contactdish (win.atkielski.com [10.0.0.10]) by freebie.atkielski.com (8.11.3/8.11.3) with SMTP id fAMA7Mh79654; Thu, 22 Nov 2001 11:07:22 +0100 (CET) (envelope-from anthony@freebie.atkielski.com) Message-ID: <016601c1733d$7a516b00$0a00000a@atkielski.com> From: "Anthony Atkielski" To: "Peter Pentchev" Cc: "FreeBSD Questions" , References: <014201c17336$40653f90$0a00000a@atkielski.com> <20011122112415.B855@straylight.oblivion.bg> <016001c17338$37d65240$0a00000a@atkielski.com> <20011122114813.C855@straylight.oblivion.bg> Subject: Re: setuid on nethack? Date: Thu, 22 Nov 2001 11:07:16 +0100 Organization: Anthony's Home Page (development site) MIME-Version: 1.0 Content-Type: text/plain; charset="Windows-1252" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4522.1200 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org What about in the more general case of games? Would it be a good idea to set game files to games:games and 6511? And what about other types of executables? When I add ports and stuff to my system, sometimes they are picked up from some bizarre FTP sites, and in cases where the executables do not have to be trusted, some guidelines on how better to secure them would be welcome. I know that often they are being rebuilt from source before installation, but it isn't really practical to read through the source for every port just to look for suspicious code. Are ports examined by anyone anywhere for security problems before being included in the FreeBSD list of ports? ----- Original Message ----- From: "Peter Pentchev" To: "Anthony Atkielski" Cc: "FreeBSD Questions" ; Sent: Thursday, November 22, 2001 10:48 Subject: Re: setuid on nethack? > On Thu, Nov 22, 2001 at 10:29:36AM +0100, Anthony Atkielski wrote: > > After seeing that the owner and group were games, I set the permissions back to > > 2511, which I assume is safe. > > > > Do I need to take special precautions if I play this game from root? Would 6511 > > be a better choice in that case? > > No, no special precautions should be necessary. AFAIK, nethack does > not read any executable code from its data files, so any trojan would > have to be placed in the nethack executable itself. I personally have > never heard of somebody trojaning the nethack game so far :) > > G'luck, > Peter > > -- > You have, of course, just begun reading the sentence that you have just finished reading. > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message