Date: Sat, 30 Sep 2000 15:14:36 -0700
From: "Crist J . Clark" <cjclark@reflexnet.net>
To: Mike Silbersack <silby@silby.com>
Cc: "Brian F. Feldman" <green@FreeBSD.ORG>, Warner Losh <imp@village.org>, Jordan Hubbard <jkh@winston.osd.bsdi.com>, Roman Shterenzon <roman@xpert.com>, Kris Kennaway <kris@FreeBSD.ORG>, security@FreeBSD.ORG
Subject: Re: cvs commit: ports/mail/pine4 Makefile (fwd)
Message-ID: <20000930151436.D25121@149.211.6.64.reflexcom.com>
In-Reply-To: <Pine.BSF.4.21.0009301619010.23864-100000@achilles.silby.com>; from silby@silby.com on Sat, Sep 30, 2000 at 04:22:46PM -0500
References: <200009301842.e8UIgA543368@green.dyndns.org> <Pine.BSF.4.21.0009301619010.23864-100000@achilles.silby.com>

On Sat, Sep 30, 2000 at 04:22:46PM -0500, Mike Silbersack wrote:
>
> On Sat, 30 Sep 2000, Brian F. Feldman wrote:
>
> > That is, one can create their own jail (or just chroot(8)... I should
> > probably get user-chrooting reviewed ;) which they would use for running
> > potentially evil things -- like reading e-mail with pine. It's not too
> > difficult, but it's really easier just to switch to a better MUA.
>
> user-chrooting would be excellent. Chrooting MUAs / web browsers / etc
> would be a nice feature no matter how secure the program in question seems
> to be. If you get it implemented, I'll be the first to use the
> feature. :)

Why not just run each program under a different user? From the
multi-user heritage of the OS, it is really good at keeping users from
messing with each other's stuff. You set up a user to read mail, a
user to browse, and a user to do whatever else is "risky." You can
have one not-too-super-super-user (that you never do anything too risky
with) who can access stuff from all of these individual users via
group permissions.

Here is an example, you have groups,

  mymailer:*:2010:mysu
  mysurfer:*:2020:mysu
  mygamer:*:2030:mysu

And each of those users has a 002 umask. From your mysu account you can
access everything. From mymailer, you can only screw up your mail
(something that chrooting would not get around either).

This might be an admin nightmare for systems that _are_ being used for
true multi-user (more than one real person) systems. But for the
average home box or single-user desktop, this seems that it does all
chroot would do and then some with no extra hassles.
-- 
Crist J. Clark                           cjclark@alum.mit.edu
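
Added example, not part of the original message: a POSIX sh audit of one account's directory under the group scheme described above. A 002 umask creates files as 664 and directories as 775, so what keeps mymailer, mysurfer and mygamer out of each other's files is the mode of each account's top directory. The message does not give directory modes, so mode 770 on the top directory is an assumption here, and `audit_compartment` and its finding labels are names made up for this example.

```shell
#!/bin/sh
# Added example, not from the original message.
# Audits one per-task account's directory: the account's group (which has
# the supervising account, e.g. mysu, as a member) must have read/write,
# and the sibling accounts, which reach it only as "other", must get nothing.
# Assumption: the top directory is meant to be mode 770.

# audit_compartment DIR GROUP
# Prints one finding per line; returns the number of failed checks (0 = clean).
audit_compartment() {
    dir=$1; group=$2; failed=0

    # 1. The top directory is the gate. Below it a 002 umask leaves files
    #    at 664 and directories at 775, readable by anyone who gets in.
    if [ -n "$(find "$dir" -prune \( -perm -004 -o -perm -002 -o -perm -001 \) -print)" ]; then
        echo "OPEN-TOP $dir"
        failed=$((failed + 1))
    fi

    # 2. Every entry must belong to the shared group, or the supervising
    #    account loses access to it.
    out=$(find "$dir" ! -group "$group" -print)
    if [ -n "$out" ]; then
        printf '%s\n' "$out" | sed 's/^/WRONG-GROUP /'
        failed=$((failed + 1))
    fi

    # 3. Entries lacking group read+write were created under a stricter
    #    umask than 002 (022, for instance, gives 644).
    out=$(find "$dir" ! -type l ! -perm -060 -print)
    if [ -n "$out" ]; then
        printf '%s\n' "$out" | sed 's/^/NO-GROUP-RW /'
        failed=$((failed + 1))
    fi

    return "$failed"
}

# Stand-alone use: sh audit.sh /home/mymailer mymailer
if [ "$#" -eq 2 ]; then
    audit_compartment "$1" "$2"
fi
```
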
