From owner-freebsd-security Tue Jul 29 12:30:29 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id MAA07524 for security-outgoing; Tue, 29 Jul 1997 12:30:29 -0700 (PDT) Received: from shell.monmouth.com (root@shell.monmouth.com [205.164.220.9]) by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id MAA07516 for ; Tue, 29 Jul 1997 12:30:26 -0700 (PDT) Received: from i4got.lakewood.com (fh-ppp17.monmouth.com [205.164.221.49]) by shell.monmouth.com (8.8.5/8.7.3) with ESMTP id PAA26631; Tue, 29 Jul 1997 15:28:01 -0400 (EDT) Received: (from pechter@localhost) by i4got.lakewood.com id PAA12852 (8.8.5/IDA-1.6); Tue, 29 Jul 1997 15:30:10 -0400 (EDT) From: Bill Pechter Message-ID: <199707291930.PAA12852@i4got.lakewood.com> Subject: Re: security hole in FreeBSD To: adam@homeport.org (Adam Shostack) Date: Tue, 29 Jul 1997 15:30:10 -0400 (EDT) Cc: freebsd-security@freebsd.org In-Reply-To: <199707291855.OAA14671@homeport.org> from Adam Shostack at "Jul 29, 97 02:55:21 pm" Reply-to: pechter@lakewood.com X-Phone-Number: 908-389-3592 X-Mailer: ELM [version 2.4ME+ PL19 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@freebsd.org X-Loop: FreeBSD.org Precedence: bulk FreeBSD'ers Adam and I have been debating this one offline a bit. I brought this one back to freebsd-security to see if I'm the only one that has a problem with removing suid from uucp or removing uucp from the base distribution -- I'll avoid continuing this if others here think I should drop this one. I don't want to suck bandwidth if there's not a serious effort to change the way FreeBSD ships. It may be I'm just having a bad day -- but I think: The day FreeBSD stops including stuff like UUCP in the base system is the day I find another (NetBSD/OpenBSD/Linux) OS. I like the fact it is ALL of Unix. Put a package together that will shut down the SUID stuff -- keep this out of the standard distribution. Most linux admins have never seen Cops/Tripwire/TCP Wrappers. If you're allowing others to connect to your machine you need to determine the amount of risk you are willing to allow and work to decide how to protect yourself. Inherent with connectivity is risk. Inherent with protection is knowing that NO machine is automatically secure out of the box. I worked with a number of commercial Unix systems running C2 and B2 security and they all came in an unsecure manner and you turned on the audit and security features used to bring them to a more secure level. If you want to connect to the internet then YOU need to firewall/harden the security of the system. If you're running it as an IN-HOUSE machine you may not care about maximizing security. It's a base-level functionality vs. security debate. > From: Adam Shostack > | > > | > I don't deny there are people doing it, but anyone who wants > | > to run UUCP knows enough to turn it on. Most people don't use it; > | > there exists a potential of a security hole, it should ship turned > | > off, possibly with a script to turn it on. > | > > | > Want to take a stab at how many Freebsd users know what HDB > | > stands for? How it differs from Taylor? Heck, how many know what > | > uucp stands for? > | > > | > Adam > | > | Bill Pechter wrote: > | Everyone I taught Unix admin knows all of that. Anyone doing Unix admin > | should know that. > > From: Adam Shostack > > Should, but do they? This guy with the problem sure doesn't. Most > linux admins don't, if you read the cert summaries. We need to > improve the baseline. You and I, and anyone else who wants to run > UUCP can turn it on. Bill ------------------------------------------------------------------------------ Bill Pechter | 17 Meredith Drive Tinton Falls, NJ 07724 | 908-389-3592 pechter@lakewood.com | Save computing history, give an old geek old hardware. This msg brought to you by the letters PDP and the number 11.