Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 28 Mar 2002 21:55:52 -0500 (EST)
From:      Garrett Wollman <wollman@lcs.mit.edu>
To:        "Crist J. Clark" <cjc@FreeBSD.ORG>
Cc:        security@FreeBSD.ORG
Subject:   Re: make world and setuid bits
Message-ID:  <200203290255.g2T2tqi09556@khavrinen.lcs.mit.edu>
In-Reply-To: <20020328174304.L97841@blossom.cjclark.org>
References:  <20020328121850.D97841@blossom.cjclark.org> <20020328161518.R5333-100000@walter> <20020328174304.L97841@blossom.cjclark.org>

next in thread | previous in thread | raw e-mail | index | archive | help
<<On Thu, 28 Mar 2002 17:43:04 -0800, "Crist J. Clark" <cjc@FreeBSD.ORG> said:

> Some sites may use this policy, but I would never like it. It requires
> direct logins as root.

It may make some sense in limited circumstances.  For example, my
Kerberos KDC has only one interactive user (root), does not support
network login (duh!), and is locked in a box in one of my machine
rooms.  *Any* escalation of privilege on that machine represents a
serious security problem.

> passwd(1), at(1), crontab(1), login(1), su(1), some or most of those
> would be required for almost any multiuser installation.

Actually, only passwd is required for most users.  People who are not
administrators have no need for at, crontab, or su, and the only
process which normally runs login is getty.

-GAWollman


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200203290255.g2T2tqi09556>