Date:      Sat, 19 Jul 1997 12:51:18 +0200
From:      Andreas Klemm <andreas@klemm.gtn.com>
To:        sthaug@nethelp.no
Cc:        andreas@klemm.gtn.com, hackers@FreeBSD.ORG
Subject:   Re: sendmail complains about being unable to write his pid file
Message-ID:  <19970719125118.60102@gtn.com>
In-Reply-To: <15406.869308066@verdi.nethelp.no>; from sthaug@nethelp.no on Sat, Jul 19, 1997 at 12:27:46PM +0200
References:  <19970719120826.19772@gtn.com> <15406.869308066@verdi.nethelp.no>

On Sat, Jul 19, 1997 at 12:27:46PM +0200, sthaug@nethelp.no wrote:
> > > I'm always nervous about directories owned by bin, on the assumption
> > > that bin might be easier to break than root, and could then be used
> > > as a stepstone to breaking root.
> > 
> > I don't believe this, because bin isn't a password protected login.
> > Look here:
> > bin:*:3:7:Binaries Commands and Source,,,:/:/nonexistent
> 
> That's fine - until somebody decides to run NFS. Then all bets are off.

Ok, I understand. But this scenario only arises if a system
administrator decides to put a site into a hosts.equiv file.

And yes, you are right, then people could start to 'hack' the
server by making the client's 'bin' account into a login account,
and if /var should be exported, then files or directories could
be renamed or such ...

It would be safer to change the owner of system binaries and
directories to root, since then you could put hosts more safely
into the /etc/hosts.equiv file. You would have to add the -root
export option, so that the NFS server's exported directories
could be compromised.

-- 
Andreas Klemm | klemm.gtn.com - powered by
                    Symmetric MultiProcessor FreeBSD
                       http://www.freebsd.org/~fsmp/SMP/SMP.html
                          http://www.freebsd.org/~fsmp/SMP/benches.html
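
The ownership concern discussed in this thread can be checked mechanically. The following is an added example, not part of the original message: it walks a tree and reports entries that a uid other than root could modify, which matters on an NFS export because by default only uid 0 is remapped. The names `audit_tree`, `trusted_uids` and `demo` are made up here, and the demo tree is constructed.

```python
"""Added example: list entries in a tree that a uid other than root could modify."""
import os
import stat
import tempfile


def audit_tree(top, trusted_uids=frozenset({0})):
    """Return sorted (path, reason) pairs for entries not controlled by a trusted uid.

    NFS with AUTH_SYS believes the uid the client sends; by default only
    uid 0 is remapped, so anything owned by another uid (bin is uid 3 in
    the passwd line quoted above) can be changed by whoever controls a client.
    """
    findings = []
    for dirpath, _dirnames, filenames in os.walk(top):
        # os.walk visits every directory as dirpath, so each one is checked once.
        for path in [dirpath] + [os.path.join(dirpath, f) for f in filenames]:
            st = os.lstat(path)
            if stat.S_ISLNK(st.st_mode):
                continue  # a symlink's own mode is meaningless; its directory is checked
            if st.st_uid not in trusted_uids:
                findings.append((path, "owner uid %d is not trusted" % st.st_uid))
            elif st.st_mode & stat.S_IWOTH and not st.st_mode & stat.S_ISVTX:
                findings.append((path, "world-writable without sticky bit"))
    return sorted(findings)


def demo():
    """Audit a constructed tree twice: trusting our own uid, then a different one."""
    with tempfile.TemporaryDirectory() as top:
        bindir = os.path.join(top, "bin")
        tool = os.path.join(bindir, "tool")
        os.mkdir(bindir)
        open(tool, "w").close()
        os.chmod(bindir, 0o755)  # fixed modes so the result does not depend on umask
        os.chmod(tool, 0o644)
        me = os.getuid()
        clean = audit_tree(top, trusted_uids={me})
        flagged = audit_tree(top, trusted_uids={me + 1})
        return clean, [os.path.relpath(p, top) for p, _ in flagged]


if __name__ == "__main__":
    clean, flagged = demo()
    print("trusted owner:", clean)
    print("untrusted owner:", flagged)
```

On a real system the call would be `audit_tree("/usr")` or the exported path, run as a user able to read the whole tree.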


