From owner-freebsd-security Sat Jun 29 08:16:29 1996 Return-Path: owner-security Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id IAA08214 for security-outgoing; Sat, 29 Jun 1996 08:16:29 -0700 (PDT) Received: from mole.mole.org (marmot.mole.org [204.216.57.191]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id IAA08092 for ; Sat, 29 Jun 1996 08:15:05 -0700 (PDT) Received: (from mail@localhost) by mole.mole.org (8.6.12/8.6.12) id PAA00344 for ; Sat, 29 Jun 1996 15:15:05 GMT Received: from meerkat.mole.org(206.197.192.110) by mole.mole.org via smap (V1.3) id sma000339; Sat Jun 29 15:14:41 1996 Received: (from mrm@localhost) by meerkat.mole.org (8.6.11/8.6.9) id HAA27966; Sat, 29 Jun 1996 07:39:27 -0700 Date: Sat, 29 Jun 1996 07:39:27 -0700 From: "M.R.Murphy" Message-Id: <199606291439.HAA27966@meerkat.mole.org> To: nlawson@kdat.csc.calpoly.edu, terry@lambert.org Subject: Re: I need help on this one - please help me track this guy down! Cc: freebsd-security@freefall.freebsd.org Sender: owner-security@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk > Nice try, Terry, but since /bin and /usr/bin and all the binaries on the > system are owned by bin, a hosts.equiv might as well allow root access. Not on the systems that we have here that need to be secure, they're not. All system executables and directories are owned by root. And /tmp and /var/tmp are owned by user tmp and group tmp. Paranoia is healthy. Internal systems are setup loose, external systems are screwed down tight. Blatant tautology alert: Just because a system is shipped insecure doesn't mean it has to be left that way. -- Mike Murphy mrm@Mole.ORG +1 619 598 5874 Better is the enemy of Good