From owner-freebsd-security Tue Jul 29 05:53:59 1997
Return-Path:
Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id FAA09782 for security-outgoing; Tue, 29 Jul 1997 05:53:59 -0700 (PDT)
Received: from homeport.org (lighthouse.homeport.org [205.136.65.198]) by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id FAA09768 for ; Tue, 29 Jul 1997 05:53:54 -0700 (PDT)
Received: (adam@localhost) by homeport.org (8.8.5/8.6.9) id IAA12447; Tue, 29 Jul 1997 08:50:07 -0400 (EDT)
From: Adam Shostack
Message-Id: <199707291250.IAA12447@homeport.org>
Subject: Re: security hole in FreeBSD
In-Reply-To: from Robert Watson at "Jul 28, 97 04:55:19 pm"
To: robert+freebsd@cyrus.watson.org
Date: Tue, 29 Jul 1997 08:50:07 -0400 (EDT)
Cc: adam@homeport.org, vince@mail.MCESTATE.COM, security@FreeBSD.ORG
X-Mailer: ELM [version 2.4ME+ PL27 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

Robert Watson wrote:
| On Mon, 28 Jul 1997, Adam Shostack wrote:
|
| > Vincent Poy wrote:
| >
| > su really should be setuid. Everything else is debatable. My
| > advice is to turn off all setuid bits except those you know you need
| > (possibly w, who, ps, ping, at, passwd)

| Several mail delivery programs (mail.local, sendmail, uucp-stuff, etc)
| require root access to delivery to local mailboxes; crontab related stuff,
| terminal locking, some kerberos commands, local XWindows servers, and su
| all rely on suid.

I know no one who still runs uucp. There are a few holdouts, but
most systems can leave uucp off with no pain. Ditto with kerberos. :)

Adam

--
"It is seldom that liberty of any kind is lost all at once."
 -Hume
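
One way to act on the advice quoted in this message (turn off all setuid bits except those you know you need), as an added example that is not part of the original thread: a shell check that lists setuid files whose names are not on an allowlist. The allowlist holds the program names mentioned in the message; the function names and the demo tree are constructed for illustration.

```shell
#!/bin/sh
# Added example: report setuid files that are not on a known-needed list.
# Names taken from the thread: su, plus the "possibly" list. Adjust locally.
ALLOWED_SETUID="su w who ps ping at passwd"

# unexpected_setuid ROOT "name1 name2 ..."
# Prints the path of every setuid regular file under ROOT whose basename is
# not in the allowlist. Matching is by basename only, so a stray file that
# happens to be called "su" would pass; an exact-path allowlist is stricter.
unexpected_setuid() {
    root=$1
    allowed=$2
    # -perm -4000 selects files with the setuid bit; -xdev stays on one filesystem
    find "$root" -xdev -type f -perm -4000 -print 2>/dev/null | sort |
    while IFS= read -r path; do
        name=${path##*/}
        case " $allowed " in
            *" $name "*) ;;               # expected setuid program
            *) printf '%s\n' "$path" ;;   # review, then: chmod u-s "$path"
        esac
    done
}

# Constructed demo tree, so the check can be tried without scanning a real
# system. "oldtool" is a made-up name standing in for an unneeded setuid file.
make_demo_tree() {
    dir=$(mktemp -d) || return 1
    for f in su passwd oldtool notes.txt; do
        : > "$dir/$f"
    done
    chmod 4755 "$dir/su" "$dir/passwd" "$dir/oldtool"
    chmod 0644 "$dir/notes.txt"
    printf '%s\n' "$dir"
}

# When given a directory argument, audit it against the default allowlist.
if [ $# -gt 0 ]; then
    unexpected_setuid "$1" "$ALLOWED_SETUID"
fi
```

The script only reports; clearing a bit with `chmod u-s` is left as a manual step after checking that nothing on the system depends on it.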