Date: Sat, 08 Feb 1997 15:54:22 +0100 From: Eivind Eklund <eivind@dimaga.com> To: hackers@freebsd.org, current@freebsd.org Subject: Proposed change to dump/restore Message-ID: <3.0.32.19970208155420.00aaf720@dimaga.com>
next in thread | raw e-mail | index | archive | help
The suid capability of dump is only used for remote backups. dump have been known for security holes in the past, and is not a user level program. I propose a change of default mode and owner for this program to -r-sr-x--- root:operator /sbin/dump which will disallow anybody not in the operator group from making backups using dump (which is not too bad a thing, as only members of wheel can access the harddisks directly, which is needed to be able to use dump anyway), and only leave dump vulnerable to attacks from an operator :) Does anybody object to the change? If not, it'll go into 2.1.7 and -current. Eivind Eklund perhaps@yes.no http://maybe.yes.no/perhaps/ eivind@freebsd.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3.0.32.19970208155420.00aaf720>