From owner-freebsd-security Sat Sep 8 13:45:50 2001 Delivered-To: freebsd-security@freebsd.org Received: from earth.backplane.com (earth-nat-cw.backplane.com [208.161.114.67]) by hub.freebsd.org (Postfix) with ESMTP id 8D59137B408 for ; Sat, 8 Sep 2001 13:45:47 -0700 (PDT) Received: (from dillon@localhost) by earth.backplane.com (8.11.6/8.11.2) id f88KjjK29003; Sat, 8 Sep 2001 13:45:45 -0700 (PDT) (envelope-from dillon) Date: Sat, 8 Sep 2001 13:45:45 -0700 (PDT) From: Matt Dillon Message-Id: <200109082045.f88KjjK29003@earth.backplane.com> To: Mike Tancsa Cc: security@FreeBSD.ORG Subject: Re: Fwd: Multiple vendor 'Taylor UUCP' problems. References: <5.1.0.14.0.20010908153417.0286b4b8@192.168.0.12> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org : :I imagine FreeBSD is vulnerable to this was well :-( : : ---Mike Looks like it. Boy that's stupid. We should probably chflags all binaries that are not owned by root but might be run by root 'schg'. At the very least. That's in addition to any fix of the problem. These binaries really have got to be set 'schg'. -r-sr-sr-x 1 uucp dialer 123888 Jul 23 22:22 cu -r-sr-xr-x 1 man wheel 28512 Jul 23 22:22 man -r-xr-xr-x 1 uucp dialer 38340 Jul 23 22:24 tip -r-sr-xr-x 1 uucp wheel 88228 Jul 23 22:22 uucp -r-sr-xr-x 1 uucp wheel 37312 Jul 23 22:22 uuname -r-sr-sr-x 1 uucp dialer 96752 Jul 23 22:22 uustat -r-sr-xr-x 1 uucp wheel 88844 Jul 23 22:22 uux chflags schg /usr/bin/{cu,man,tip,uucp,uuname,uustat,uux} -Matt To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message