From owner-freebsd-security  Sat Sep 25 17:10:35 1999
Delivered-To: freebsd-security@freebsd.org
Received: from cc942873-a.ewndsr1.nj.home.com (cc942873-a.ewndsr1.nj.home.com [24.2.89.207])
	by hub.freebsd.org (Postfix) with ESMTP id DF38114EA1
	for <freebsd-security@freebsd.org>; Sat, 25 Sep 1999 17:10:33 -0700 (PDT)
	(envelope-from cjc@cc942873-a.ewndsr1.nj.home.com)
Received: (from cjc@localhost)
	by cc942873-a.ewndsr1.nj.home.com (8.9.3/8.9.3) id UAA47484
	for freebsd-security@freebsd.org; Sat, 25 Sep 1999 20:13:27 -0400 (EDT)
	(envelope-from cjc)
From: "Crist J. Clark" <cjc@cc942873-a.ewndsr1.nj.home.com>
Message-Id: <199909260013.UAA47484@cc942873-a.ewndsr1.nj.home.com>
Subject: dump(8) Insecurity/Misconfiguration
To: freebsd-security@freebsd.org
Date: Sat, 25 Sep 1999 20:13:27 -0400 (EDT)
Reply-To: cjclark@home.com
X-Mailer: ELM [version 2.4ME+ PL54 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

When fooling around with dump(8), a couple of things occured to me
(these are probably old news, but I want to make sure I don't break
anything):

1) Since the disk devices in /dev are by default set group
   readable to operator, any member of operator has access to any
   files on the disk regardless of any permissions on a directory or 
   file.

2) Will it break anything if I clear the group read bit on the disk
   devices? 

3) dump(8) is setgid to group tty. Why?

4) Can I remove the setgid bit?
-- 
Crist J. Clark                           cjclark@home.com


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message