From owner-freebsd-security@FreeBSD.ORG Mon Jun 2 09:38:33 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8F85A37B404 for ; Mon, 2 Jun 2003 09:38:33 -0700 (PDT) Received: from analog.databits.net (analog.databits.net [198.78.65.155]) by mx1.FreeBSD.org (Postfix) with SMTP id AB96A43F85 for ; Mon, 2 Jun 2003 09:38:32 -0700 (PDT) (envelope-from petef@analog.databits.net) Received: (qmail 22299 invoked by uid 1000); 2 Jun 2003 16:34:34 -0000 Date: Mon, 2 Jun 2003 11:34:34 -0500 From: Pete Fritchman To: Troy Settle Message-ID: <20030602163434.GB33375@absolutbsd.org> References: <1054567925.17084.7.camel@xyzzy.wireless.snsonline.net> <001b01c3291e$80b3ca90$23fbab3f@psknet.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <001b01c3291e$80b3ca90$23fbab3f@psknet.com> User-Agent: Mutt/1.4i cc: 'Support' cc: 'Mark Sergeant' cc: 'Wolfpaw - Dale Corse' cc: isp@freebsd.org cc: security@freebsd.org Subject: Re: quick poppassd question X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Jun 2003 16:38:33 -0000 ++ 02/06/03 11:49 -0400 - Troy Settle: | Perhaps someone can shed more light on the subject, but it's my | impression that most system process run with a UID/GID under 100. So a | uid < 100 should deny the change request. UIDs up to and including 999 are reserved for system use. For example, see this section in the porters handbook: http://www.freebsd.org/doc/en_US.ISO8859-1/books/porters-handbook/dads-uid.html --pete