From owner-freebsd-hackers Mon Nov 25 11:26:12 1996 Return-Path: owner-hackers Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id LAA02714 for hackers-outgoing; Mon, 25 Nov 1996 11:26:12 -0800 (PST) Received: from brasil.moneng.mei.com (brasil.moneng.mei.com [151.186.109.160]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id LAA02707 for ; Mon, 25 Nov 1996 11:26:01 -0800 (PST) Received: (from jgreco@localhost) by brasil.moneng.mei.com (8.7.Beta.1/8.7.Beta.1) id NAA15320; Mon, 25 Nov 1996 13:24:51 -0600 From: Joe Greco Message-Id: <199611251924.NAA15320@brasil.moneng.mei.com> Subject: Re: Replacing sendmail To: peter@taronga.com (Peter da Silva) Date: Mon, 25 Nov 1996 13:24:50 -0600 (CST) Cc: hackers@freebsd.org In-Reply-To: <199611251740.LAA26515@bonkers.taronga.com> from "Peter da Silva" at Nov 25, 96 11:40:13 am X-Mailer: ELM [version 2.4 PL24] Content-Type: text Sender: owner-hackers@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > In article <199611250434.PAA27300@genesis.atrad.adelaide.edu.au>, > Michael Smith wrote: > >I'd also appreciate input from anyone that can see a problem with having > >sendmail lying around but not running; if it's thought that this is still > >a security risk, then there should be a comment in the handbook section > >on mailer security suggesting that it be disabled (nuked, re-moded, etc.). > > Remoded. It'll still work to *send* mail if it's not running, and there > are convenient security holes there too. Absolutely agree; anything that is suid and is not being used should have the suid bits removed (at a minimum). That extends to other things as well. :-) Anybody want to write a little tool that "knows" how to do this, configurably? Maybe some mtree files plus a little menu widget. A quick inspection reveals that the following files (maybe more) are suid: /bin/rcp /sbin/dump /sbin/rdump /sbin/ping /sbin/restore /sbin/rrestore /sbin/route /sbin/shutdown /sbin/mount_msdos /usr/bin/cu /usr/bin/uucp /usr/bin/uuname /usr/bin/uustat /usr/bin/uux /usr/bin/suidperl /usr/bin/sperl4.036 /usr/bin/at /usr/bin/atq /usr/bin/atrm /usr/bin/batch /usr/bin/chpass /usr/bin/chfn /usr/bin/chsh /usr/bin/ypchpass /usr/bin/ypchfn /usr/bin/ypchsh /usr/bin/keyinit /usr/bin/lock /usr/bin/login /usr/bin/passwd /usr/bin/yppasswd /usr/bin/quota /usr/bin/rdist /usr/bin/rlogin /usr/bin/rsh /usr/bin/su /usr/bin/crontab /usr/bin/lpq /usr/bin/lpr /usr/bin/lprm /usr/bin/newaliases /usr/bin/mailq /usr/bin/register /usr/libexec/uucp/uucico /usr/libexec/uucp/uuxqt /usr/libexec/mail.local /usr/sbin/mrinfo /usr/sbin/mtrace /usr/sbin/ppp /usr/sbin/pppd /usr/sbin/sendmail /usr/sbin/sliplogin /usr/sbin/timedc /usr/sbin/traceroute /usr/games/dm It seems to me that many of these are parts of various system "services" (UUCP, LPR, Mail, YP, rcmds). What might be way cool is a program that presents a menu such as System Services --------------- enabled A) Sendmail disabled B) UUCP disabled C) Printing enabled D) IIJ-PPP disabled E) sliplogin Etc. and allows you to turn each one on or off (basically fixing up the permissions). Just a thought, not a volunteer ;-) ... JG