Date: Sun, 15 Nov 1998 23:58:02 -0700 From: Warner Losh <imp@village.org> To: Andre Albsmeier <andre.albsmeier@mchp.siemens.de> Cc: Matthew Dillon <dillon@apollo.backplane.com>, freebsd-security@FreeBSD.ORG Subject: Re: Would this make FreeBSD more secure? Message-ID: <199811160658.XAA01912@harmony.village.org> In-Reply-To: Your message of "Mon, 16 Nov 1998 07:29:37 %2B0100." <19981116072937.E969@internal> References: <19981116072937.E969@internal> <19981115192224.A29686@internal> <19981115161548.A23869@internal> <199811151758.JAA15108@apollo.backplane.com> <19981115192224.A29686@internal> <199811152210.PAA01604@harmony.village.org>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <19981116072937.E969@internal> Andre Albsmeier writes: : > Back to the original thread, I'm not sure how making more programs : > setgid would help system security. Small ones that are easy to audit : : Well, if you make it setgid and use 640 on the password file, you : a) can't write to the pw file directly any more : b) have to crack the root pw from the still readable pw file in order : to become root. : : Now you are root immediately. Now you have to have root in order to get root. /etc/passwd is readable by everybody, but so what. There are no passwords in it. The master password file, on the other hand, is readable only by root. It is true that a stack smashing attack would get you only group pw if you made this change. Hmmm, that might be worth it. : BTW, by examining the xlockmore configure file I found that I am not : the first one thinking of it: Not being the first to think of it doesn't make it right. :-) This would plug some potential holes in a small number of applications. I'm not sure that it is worth it on the effort/return front. I can think of only a few programs that might benefit from this, and a similar benefit could likely be had with a PAM module that talked to a password server which did all the right things. However, that too add complexity, which makes it harder to secure things.... Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199811160658.XAA01912>