From owner-freebsd-security Wed May 14 16:04:49 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id QAA11789 for security-outgoing; Wed, 14 May 1997 16:04:49 -0700 (PDT) Received: from wakko.efn.org (wakko.efn.org [198.68.17.6]) by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id QAA11784 for ; Wed, 14 May 1997 16:04:45 -0700 (PDT) Received: from garcia.efn.org (j_mini@garcia.efn.org [198.68.17.5]) by wakko.efn.org (8.8.5/8.8.5) with ESMTP id QAA18762; Wed, 14 May 1997 16:03:55 -0700 (PDT) Received: from localhost (j_mini@localhost) by garcia.efn.org (8.8.5/8.8.5) with SMTP id QAA09770; Wed, 14 May 1997 16:11:53 -0700 (PDT) X-Authentication-Warning: garcia.efn.org: j_mini owned process doing -bs Date: Wed, 14 May 1997 16:11:52 -0700 (PDT) From: Jonathan Mini To: John-Mark Gurney cc: bofh@terranova.net, security@FreeBSD.ORG Subject: Re: /usr/sbin/wall is suid root. In-Reply-To: <19970514130407.00511@hydrogen.nike.efn.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-security@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk On Wed, 14 May 1997, John-Mark Gurney wrote: He is right, I didn't check. However, this was 2.2.1-R. > Travis Mikalson scribbled this message on May 14: > > Jonathan Mini wrote: > > > > > > Personally, I think that being able to transmit an abatrary string of > > > characters to every user's console on the system is a bit of a security > > > hole. ANSI keyboard reassignments come to mind. > > > > On my system, running 2.2-STABLE, /usr/bin/wall is setgid tty.. > > -r-xr-sr-x 1 bin tty 12288 Apr 16 06:05 /usr/bin/wall > > > > What version are you running where wall is in /usr/sbin and is setuid > > root? > > well.. I think Mini didn't check close enough... but stil... having it > sgid tty can have adverse side effects... like allowing people to write > to everyone... (REALLY anoying when you have around 8-15 logins.. :) ) > > I think we shouldn't install it sgid... is ther any good reason to > have it sgid?? > > -- > John-Mark > Cu Networking Modem/FAX: +1 541 683 6954 > > Live in Peace, destroy Micro$oft, support free software, run FreeBSD > Jonathan Mini (j_mini@efn.org) ... Desolation ... Despair ... Plastic Forks ...