Date: Wed, 8 Jan 2003 04:30:15 -0800 (PST)
Message-Id: <200301081230.h08CUFMZ023898@freefall.freebsd.org>
To: freebsd-bugs@FreeBSD.org
From: Peter Pentchev
Subject: Re: bin/46838: security vulnerability in dump

The following reply was made to PR bin/46838; it has been noted by GNATS.

From: Peter Pentchev
To: David Malone
Cc: Mark, bug-followup@FreeBSD.org
Subject: Re: bin/46838: security vulnerability in dump
Date: Wed, 8 Jan 2003 14:27:23 +0200

On Tue, Jan 07, 2003 at 09:15:47PM +0000, David Malone wrote:
> On Tue, Jan 07, 2003 at 12:50:04PM -0800, Mark wrote:
> > I realize running "umask 077" will prevent this problem. But I also believe
> > dump is a special case, as most individual programs do not create
> > world-readable files containing root's view of the filesystem data.
>
> Just about any command can create world readable files containing
> root's view of a filesystem: cp, tar, cat, dd. I'd also expect
> that people may use dump to create (say) group readable files which
> can be restored by those in group operator, or somesuch.

This may be mollified even further by a sensible directory hierarchy
of the location that filesystem dumps are kept: I personally *always*
create dumps and backup archives in a directory that is in itself
protected by permissions-based access control. The default FreeBSD
setup sets a good example by providing a /var/backups directory by
default, which is only writeable by root and readable by the 'wheel'
group.

> If there's a general consensus for change, I'll go along with it -
> otherwise I'll close the PR as one of the many ways unix offers you
> to shoot yourself in the foot.

FWIW, I concur - most of the Unix utilities provide you with the ability
to shoot yourself in the foot if you so desire, indeed :)

G'luck,
Peter

-- 
Peter Pentchev  roam@ringlet.net  roam@FreeBSD.org
PGP key: http://people.FreeBSD.org/~roam/roam.key.asc
Key fingerprint FDBA FD79 C26F 3C51 C95E DF9E ED18 B68D 1619 4553
I am jealous of the first word in this sentence.
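
The message above argues that a permission-protected directory keeps a dump file out of reach even when the file itself was written world-readable. The following script is an added example, not part of the original thread, that checks this by testing both the file's mode and every directory on the path to it; the function names, the 0750 directory mode and the sample tree are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Function names, the sample tree and the
# 0750 mode for the backups directory are assumptions made for illustration.

# True if every bit of octal mask $2 is set on path $1 ("find -perm -MODE"
# is POSIX, so this avoids the BSD/GNU differences in stat(1)).
has_perm() {
    [ -n "$(find "$1" -prune -perm "-$2" -print 2>/dev/null)" ]
}

# True if a user who is neither the owner nor in the group can read file $1:
# the file needs o+r AND every directory from its parent up to $2 (default /)
# needs o+x, otherwise the path to the file cannot be traversed.
# Returns 2 (also "false") when a directory cannot be resolved.
other_can_read() {
    has_perm "$1" 004 || return 1
    top=$(cd "${2:-/}" && pwd -P) || return 2
    dir=$(cd "$(dirname "$1")" && pwd -P) || return 2
    while has_perm "$dir" 001; do
        if [ "$dir" = "$top" ] || [ "$dir" = "/" ]; then return 0; fi
        dir=$(dirname "$dir")
    done
    return 1
}

# Constructed sample: dump-like files written under the common default
# umask 022, one in a world-traversable directory and one in a directory
# closed to "other", plus one file written under umask 077.
make_sample() {
    mkdir -p "$1/open" "$1/backups"
    chmod 755 "$1" "$1/open"
    chmod 750 "$1/backups"
    ( umask 022; : > "$1/open/root.dump"; : > "$1/backups/root.dump" )
    ( umask 077; : > "$1/open/private.dump" )
}

# Print one verdict per sample file, checking ancestors up to the tree root $1.
report() {
    for f in "$1"/open/*.dump "$1"/backups/*.dump; do
        if other_can_read "$f" "$1"; then
            echo "EXPOSED   $f"
        else
            echo "protected $f"
        fi
    done
}

work=$(mktemp -d) || exit 1
make_sample "$work" && report "$work"
rm -rf "$work"
```

Only open/root.dump is reported as exposed: backups/root.dump carries the same 0644 mode but sits behind a directory that "other" cannot traverse. For a real audit, omit the second argument so the walk continues up to /.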