From owner-freebsd-security Thu Jun 17 20:31:53 1999 Delivered-To: freebsd-security@freebsd.org Received: from kitsune.swcp.com (swcp.com [198.59.115.2]) by hub.freebsd.org (Postfix) with ESMTP id 32BC414C9C for ; Thu, 17 Jun 1999 20:31:52 -0700 (PDT) (envelope-from synk@swcp.com) Received: (from synk@localhost) by kitsune.swcp.com (8.8.8/1.2.3) id VAA03462 for security@FreeBSD.ORG; Thu, 17 Jun 1999 21:31:51 -0600 (MDT) Date: Thu, 17 Jun 1999 21:31:51 -0600 (MDT) From: Brendan Conoboy Message-Id: <199906180331.VAA03462@kitsune.swcp.com> To: security@FreeBSD.ORG Subject: make world clobbers (was Re: some nice advice....) Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > From: Joe Greco > Subject: Re: some nice advice.... > To: terry@program-products.co.uk (Terry Glanfield) > Cc: security@FreeBSD.ORG > There is little point in chmod'ding an executable to 0 on a free OS where > the executables can be retrieved from any convenient FTP site. In fact, > some utilities may retain their usefulness in some lesser manner... or > you may wish to run them as root... or for example, doing a chmod 0 on > /usr/bin/login may not be too slick. > > You want to remove the privilege. That's all, really. > > Otherwise you get into the slippery slope of "why don't you chmod 0 this > other random non-suid executable that nobody on this system will ever need", > and that wasn't the point. The point was to remove likely security holes > opened by suid or sgid executables on application-server-platform class > machines where no "normal user" would lose by being unable to run them, > and then applying some really mean-ass schg flags. The main reason I'd chmod 0 an executable is to remove it from the path entirely. Unless I'm mistaken, root can execute a mode 0000 file anyway. On a related question, what do you all do about make world overwriting all your chmod changes? I'm constantly plagued by this and other things like sendmail overwriting qmail's sendmail symlink. Is the only answer to write a custom fixit script? -Brendan (synk@swcp.com) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message