Date:      Sun, 17 Aug 2003 20:02:51 -0700
From:      "David O'Brien" <obrien@FreeBSD.org>
To:        Bruce Evans <bde@zeta.org.au>
Cc:        cvs-all@FreeBSD.org
Subject:   Re: cvs commit: src/etc Makefile src/etc/isdn Makefile
Message-ID:  <20030818030251.GA58592@dragon.nuxi.com>
In-Reply-To: <20030818122222.S82619@gamplex.bde.org>
References:  <200308180036.h7I0aVFl033156@repoman.freebsd.org> <20030818122222.S82619@gamplex.bde.org>

On Mon, Aug 18, 2003 at 12:34:50PM +1000, Bruce Evans wrote:
> On Sun, 17 Aug 2003, David E. O'Brien wrote:
> >   Modified files:
> >     etc                  Makefile
> >     etc/isdn             Makefile
> >   Log:
> >   Don't hardcode owner 'root' and group 'wheel'.
> >
> >   Submitted by:   Ulrich Spoerlein <q@uni.de>
> 
> This needs more thought.  The owner was hardcoded to root for ppp at
> least for much the same reason that the owner of the ppp binary and
> all (?) other setuid binaries is forced to be root: only root should
> be able to read it.  The ownership shouldn't be hard-coded, but it
> shouldn't be ${BINOWN}:${BINGRP} either, so that overriding the defaults
> for BINOWN and BINGRP doesn't automatically open security holes.

At this point I don't think we can safely set BINOWN to anything other
than 'root'.  This isn't the first Makefile to assume BINOWN was root
from a security POV.
 
-- 
-- David  (obrien@FreeBSD.org)


