Date: Sat, 8 Sep 2001 13:45:45 -0700 (PDT)
From: Matt Dillon <dillon@earth.backplane.com>
To: Mike Tancsa <mike@sentex.net>
Cc: security@FreeBSD.ORG
Subject: Re: Fwd: Multiple vendor 'Taylor UUCP' problems.
Message-ID: <200109082045.f88KjjK29003@earth.backplane.com>
References: <5.1.0.14.0.20010908153417.0286b4b8@192.168.0.12>
:
:I imagine FreeBSD is vulnerable to this as well :-(
:
: ---Mike

Looks like it. Boy that's stupid.

We should probably chflags all binaries that are not owned by root
but might be run by root 'schg'. At the very least. That's in
addition to any fix of the problem. These binaries really have got
to be set 'schg'.

    -r-sr-sr-x  1 uucp  dialer  123888 Jul 23 22:22 cu
    -r-sr-xr-x  1 man   wheel    28512 Jul 23 22:22 man
    -r-xr-xr-x  1 uucp  dialer   38340 Jul 23 22:24 tip
    -r-sr-xr-x  1 uucp  wheel    88228 Jul 23 22:22 uucp
    -r-sr-xr-x  1 uucp  wheel    37312 Jul 23 22:22 uuname
    -r-sr-sr-x  1 uucp  dialer   96752 Jul 23 22:22 uustat
    -r-sr-xr-x  1 uucp  wheel    88844 Jul 23 22:22 uux

    chflags schg /usr/bin/{cu,man,tip,uucp,uuname,uustat,uux}

-Matt
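
Added example (not part of the original message, and not FreeBSD project code): the audit that the message's suggestion implies, listing files not owned by root that lack the schg flag and printing the chflags command for review. It assumes `ls -lo` output with the file flags in the fifth column and file names without spaces; the function names, the flag values in the sample listing and its root-owned entry are constructed.

```shell
#!/bin/sh
# Constructed sample in `ls -lo` layout (FreeBSD prints the file flags after
# the group column; "-" means no flags are set). Names follow the listing in
# the message; the flag values and the root-owned "su" entry are constructed.
sample_listing() {
cat <<'EOF'
total 5
-r-sr-sr-x  1 uucp  dialer  -          123888 Jul 23 22:22 cu
-r-sr-xr-x  1 man   wheel   schg        28512 Jul 23 22:22 man
-r-xr-xr-x  1 uucp  dialer  -           38340 Jul 23 22:24 tip
-r-sr-xr-x  1 root  wheel   -           30000 Jul 23 22:22 su
-r-sr-xr-x  1 uucp  wheel   schg,uarch  88228 Jul 23 22:22 uucp
EOF
}

# needs_schg DIR: read `ls -lo` lines on stdin and print the path of every
# regular file that is not owned by root and whose flags field lacks schg.
needs_schg() {
    awk -v dir="$1" '
        $1 ~ /^-/ && $3 != "root" {
            n = split($5, flags, ",")      # flags are comma-separated
            locked = 0
            for (i = 1; i <= n; i++)
                if (flags[i] == "schg") locked = 1
            if (!locked) print dir "/" $NF
        }'
}

# suggest_chflags DIR: print (never run) the chflags command covering the
# files reported by needs_schg, so an administrator can review it first.
suggest_chflags() {
    files=$(needs_schg "$1" | tr '\n' ' ')
    [ -n "$files" ] && echo "chflags schg ${files% }"
    return 0
}

# On a live system: ls -lo /usr/bin | suggest_chflags /usr/bin
sample_listing | suggest_chflags /usr/bin
```

Files already carrying schg (here man and uucp) and root-owned files are skipped, so the output covers only what still needs the flag.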
